IETF Nixes Wiretapping, Eyes Wireless

FRAMINGHAM (03/24/2000) - When the Internet Engineering Task Force (IETF) meets next week in Adelaide, Australia, one topic that won't be on the agenda is wiretapping.

A proposal to develop protocols that would make it easier for law enforcement agencies to intercept communications over the Internet was the centerpiece of the IETF's last meeting, in November. In a heated debate, a majority of the participants rejected the proposal.

The IETF responded last week by issuing a new policy against building a wiretapping capability into the protocols that underlie the Net. The policy states that the international standards development group is the wrong forum for designing protocols to meet the wiretapping laws of specific countries. The policy also says built-in wiretapping would lessen the security and increase the complexity of Internet protocols.

The wiretapping decision is a boon to network managers, many of whom feared that any hole built into the Net for legitimate law enforcement purposes would be abused by hackers.

"IETF's policy against adding wiretapping support in protocols means that the security of IETF protocols will not be compromised in the name of adding wiretapping support," says Keith Moore, a co-director of the IETF's applications area.

With the wiretapping issue resolved, the IETF this week will focus on protocols for wireless and secure applications, among others.

The plenary session on Wednesday night will explore the Wireless Application Protocol, a method of accessing Web-based data over cellular phones that is being developed by the WAP Forum. The IETF is looking for ways to integrate WAP with protocols such as IPv6, the next generation of the Internet's main communications protocol, and MobileIP, which allows nodes using either IPv6 or the current IPv4 protocol to roam.

The IETF also will update attendees on the findings of a recent workshop held on the readiness of IP to support wireless applications such as cellular telephones, satellite-based processing and aircraft telemetry.

"The question is what do we need to do to make Internet technology work well in a wireless world?" says IETF chair Fred Baker. "If we can make network congestion and loss two different things, lo and behold, Internet technology will work for wireless."

In the security area, the IETF is considering a proposal nicknamed itrace that would help ISPs find the original machine sending denial-of-service attacks like those that felled several popular Web sites in February. A draft document about itrace was submitted to the IETF two weeks ago by Steve Bellovin, a security expert from AT&T Laboratories.

"What itrace is dealing with is when someone starts sending one of these denial-of-service streams, you want to identify the machine it's coming from," Baker says. "Often it's set up so that it looks like the stream is coming from other addresses. We're trying to figure out a way to quickly isolate the specific source of the stream."

Other hot topics at this week's meeting:

A joint effort with the International Telecommunications Union to develop a protocol to break up the controller and gateway functions in large telephone switches to create smaller, more flexible and less expensive systems. Coming out of the IETF's megaco group, this protocol is likely to be finished at the meeting.

A proposed effort called IP Storage will look at ways to attach SCSI disk drives directly to IP networks to create faster, more efficient and better-managed storage-area networks. The IP Storage group will hold a preliminary session at the Adelaide meeting.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about AT&TGatewayIETFInternet Engineering Task ForceWAP Forum

Show Comments