Catching up on IETF 115
Recordings are now available for sessions held during the IETF 115 meeting and the IETF Hackathon, where more than 1500 participants gathered in London and online 5-11 November 2022.
Read more
Upcoming events
IETF 116 Yokohama
IETF 116 starts Saturday 25 March and runs through Friday afternoon, 31 March.
Yokohama, Japan
IETF 117 San Francisco
IETF 117 starts Saturday 22 July and runs through Friday afternoon, 28 July.
San Francisco
What's new?
Catching up on IETF 115
Recordings are now available for sessions held during the IETF 115 meeting and the IETF Hackathon, where more than 1500 participants gathered in London and online 5-11 November 2022.
13 Nov 2022
Opportunities for university researchers and students during IETF 115
The upcoming IETF 115 meeting in London on 5-11 November 2022 is a unique opportunity for networking researchers to learn how RFCs are written, to engage with the Internet standards community to begin to develop research impact, and to meet more than 1,000 leading technologists from around the world currently working in industry, academia, and other organizations.
1 Nov 2022
Search the IETF email archive
Much of the daily work of the IETF is conducted on electronic mailing lists. A new mail archive tool realizing the requirements developed in RFC 6778 is now in use:
Search IETF Datatracker
The IETF Datatracker contains data about IETF documents, working groups, meetings, agendas, minutes, presentations, and more:
Understanding the Internet Engineering Task Force
Working Groups
Working Groups are the primary mechanism for development of IETF specifications and guidelines. Working Groups are typically created to address a specific problem or to produce one or more specific deliverables (a guideline, standards specification, etc.).
- See how IETF Working Groups operate
Featured Working Group
Network Time ProtocolAccurate, precise, and reliable time is an important function relied upon by modern systems, devices, and applications. This requires reliable and accurate network time synchronization over modern IP…
NTP
Request for Comments (RFCs)
The IETF publishes RFCs authored by network operators, engineers, and computer scientists to document methods, behaviors, research, or innovations applicable to the Internet.
- Learn more about RFCs
Topics of interest
Automated network management
The IETF is working on standards for automated network management which, as the name implies, aims to improve and make more efficient management of networks as they continue to increase in size and complexity.
The Internet of Things at the IETF
The Internet of Things (IoT) is the network of physical objects or "things" embedded with electronics, software, sensors, actuators, and connectivity to enable objects to exchange data with the manufacturer, operator, and/or other connected devices.
New transport technology
The development of new transport technologies in the IETF provides capabilities that improve the ability of Internet applications to send data over the Internet.
Next IETF meeting
Stay tuned for the latest information on the next IETF meeting scheduled for 7-11 November 2022
Visit the IETF 115 meeting webpage
opens in new window PRESS RELEASE May 5, 2022 Faster, easier, and more secure sign‑ins will be available to consumers across leading devices and platforms Mountain View, California In a joint effort to make the web more secure
and usable for all, Apple, Google, and Microsoft today announced plans to expand support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium. The new capability will allow websites and apps to offer consistent, secure, and easy passwordless sign-ins to consumers across devices and platforms. Password-only authentication is one of the biggest security problems on the web, and managing so many passwords is cumbersome for consumers, which
often leads consumers to reuse the same ones across services. This practice can lead to costly account takeovers, data breaches, and even stolen identities. While password managers and legacy forms of two-factor authentication offer incremental improvements, there has been industry-wide collaboration to create sign-in technology that is more convenient and more secure. The expanded standards-based capabilities will give websites and apps the ability to offer an end-to-end passwordless
option. Users will sign in through the same action that they take multiple times each day to unlock their devices, such as a simple verification of their fingerprint or face, or a device PIN. This new approach protects against phishing and sign-in will be radically more secure when compared to passwords and legacy multi-factor technologies such as one-time passcodes sent over SMS. Hundreds of technology companies and
service providers from around the world worked within the FIDO Alliance and W3C to create the passwordless sign-in standards that are already supported in billions of devices and all modern web browsers. Apple, Google, and Microsoft have led development of this expanded set of capabilities and are now building support into their respective platforms. These companies’ platforms already support FIDO Alliance standards to enable passwordless sign-in on billions of industry-leading devices,
but previous implementations require users to sign in to each website or app with each device before they can use passwordless functionality. Today’s announcement extends these platform implementations to give users two new capabilities for more seamless and secure passwordless sign-ins: An Expansion of Passwordless Standard Support
In addition to facilitating a better user experience, the broad support of this standards-based approach will enable service providers to offer FIDO credentials without needing passwords as an alternative sign-in or account recovery method.
These new capabilities are expected to become available across Apple, Google, and Microsoft platforms over the course of the coming year.
“‘Simpler, stronger authentication’ is not just FIDO Alliance’s tagline — it also has been a guiding principle for our specifications and deployment guidelines. Ubiquity and usability are critical to seeing multi-factor authentication adopted at scale, and we applaud Apple, Google, and Microsoft for helping make this objective a reality by committing to support this user-friendly innovation in their platforms and products,” said Andrew Shikiar, executive director and CMO of the FIDO Alliance. “This new capability stands to usher in a new wave of low-friction FIDO implementations alongside the ongoing and growing utilization of security keys — giving service providers a full range of options for deploying modern, phishing-resistant authentication.”
“The standards developed by the FIDO Alliance and World Wide Web Consortium and being led in practice by these innovative companies is the type of forward-leaning thinking that will ultimately keep the American people safer online. I applaud the commitment of our private sector partners to open standards that add flexibility for the service providers and a better user experience for customers,” said Jen Easterly, Director of the U.S. Cybersecurity and Infrastructure Security Agency. “At CISA, we are working to raise the cybersecurity baseline for all Americans. Today is an important milestone in the security journey to encourage built-in security best practices and help us move beyond passwords. Cyber is a team sport, and we’re pleased to continue our collaboration.”
“Just as we design our products to be intuitive and capable, we also design them to be private and secure,” said Kurt Knight, Apple’s Senior Director of Platform Product Marketing. “Working with the industry to establish new, more secure sign-in methods that offer better protection and eliminate the vulnerabilities of passwords is central to our commitment to building products that offer maximum security and a transparent user experience — all with the goal of keeping users’ personal information safe.”
“This milestone is a testament to the collaborative work being done across the industry to increase protection and eliminate outdated password-based authentication,” said Mark Risher, Senior Director of Product Management, Google. “For Google, it represents nearly a decade of work we’ve done alongside FIDO, as part of our continued innovation towards a passwordless future. We look forward to making FIDO-based technology available across Chrome, ChromeOS, Android and other platforms, and encourage app and website developers to adopt it, so people around the world can safely move away from the risk and hassle of passwords.”
“The complete shift to a passwordless world will begin with consumers making it a natural part of their lives. Any viable solution must be safer, easier, and faster than the passwords and legacy multi-factor authentication methods used today,” says Alex Simons, Corporate Vice President, Identity Program Management at Microsoft. “By working together as a community across platforms, we can at last achieve this vision and make significant progress toward eliminating passwords. We see a bright future for FIDO-based credentials in both consumer and enterprise scenarios and will continue to build support across Microsoft apps and services.”