2017 Security Desired Expertise


The Security Area primarily focuses on protocols that provide one or more security services -- integrity, authentication, confidentiality, and access control -- and on protocols that provide infrastructure that supports such security services. Since many security mechanisms that are needed to provide these security services employ cryptography, key management is also vital. Privacy and usability issues have become more important, so an appreciation of the potential privacy and usability impacts of IETF protocols is useful for a Security AD.

Specific expertise required for a Security AD includes a strong knowledge of IETF security protocols and a good working knowledge of security protocols and mechanisms that have been developed in the Security Area, other Areas of the IETF, and outside the IETF. It is also important for Security ADs to understand broader aspects of network and Internet security as well as the practical issues in securing Internet resources, such as techniques for denial-of-service mitigation or Web application-level attacks.

Security ADs must match the cost of security to the value of the resources being protected, and they must balance security against usability. A good understanding of industry and operational practices is also beneficial.

Between the two Security ADs there will ideally be one who is knowledgeable about each of the following security protocols: PKIX, IPsec, TLS, SASL, Kerberos, GSS-API, EAP, CMS, and S/MIME. Ideally at least one AD should be knowledgeable about web security, threat and policy management, as well as system integrity.

The Security Area intersects with all other IETF Areas, and the Security ADs are expected to read and understand the security implications of documents produced by all IETF Areas. Security ADs become personally involved and coordinate the involvement of other security experts in the work of other Areas. Broad knowledge of IETF technologies and the ability to assimilate new information quickly are imperative for a Security AD.