• The new GREEN working group gets ready for an energy efficient Internet

    The Getting Ready for Energy-Efficient Networking (GREEN) working group will explore use cases, derive requirements, and provide solutions to optimize energy efficiency across the Internet.

    29 Oct 2024

  • IETF Annual Report 2023

    The IETF Annual Report 2023 provides a summary of Internet Engineering Task Force (IETF), Internet Architecture Board (IAB), Internet Research Task Force (IRTF), and RFC Editor community activities from last year.

    25 Oct 2024

  • IETF 122 Bangkok registration open

    Registration is now available for the IETF 122 Bangkok meeting scheduled for 15-21 March 2025, which is the first time registration for an IETF meeting has been open before the preceding meeting registration has closed.

    25 Oct 2024

  • First Impressions from the IAB AI-CONTROL workshop

    The Internet Architecture Board (IAB) organized a workshop on 19-20 September 2024 to discuss issues around and possibilities for practical mechanisms that publishers of data on the Internet could employ to opt out of use by the Large Language Models and other machine learning techniques used for Artificial Intelligence (AI).

    24 Oct 2024

  • New Participant activities at the IETF: Major expansion coming for IETF 122!

    The IETF New Participants program has a long history of helping people just starting out in the IETF be more effective. Based on feedback from program participants over the past two years, and in consultation with the Internet Engineering Steering Group (IESG), the program will be significantly enhanced starting with IETF 122 Bangkok.

    22 Oct 2024
  • Show all

Filter by topic and date

Filter by topic and date

IETF 104: Internet of Things (IoT) Wrapup

20 May 2019

At IETF 104, there was a great deal of activity related to various aspects of the IoT ecosystem across numerous working groups, Birds-of-a-Feather gatherings, the Thing-to-Thing Research Group (T2TRG), as well as side conversations. The IETF Hackathon preceding IETF 104, as well as spontaneous conversations in hallways and over meals around IETF 104, were also fruitful.

For those interested in following or participating in IoT-related standards development, IETF working groups (WGs) are open to any interested individual. Much of the work of the IETF takes place on mailing lists and links to details about respective WG email lists, including information about subscribing and list archives, are included in the working group information towards the end of this post. But first, a summary of activities at IETF 104 assembled from contributions by, and thanks to, Henk Birkholz, Eliot Lear, Michael Richardson, and Mohit Sethi, followed by links to work undertaken at the recent IETF Hackathon and to ongoing IoT-related working groups as well as the T2TRG.

Remote ATtestation ProcedureS (RATS) Working Group

Henk Birkholz

The RATS working group is aiming to provide answers to questions of how to imbue with trustworthiness the things that compose the Internet itself. A broad foundation is required to establish trust in network equipment, conveyance protocols, and the entities that govern them. Therefore, the working group anticipates participants from manufactures, vendors, various standards development organizations (SDOs), and other standards experts in the field of trust relationships and trusted computing. The aim is to bring these experts together in order to discuss and create the necessary protocols required to distribute believable evidence about the veracity of the things that compose the Internet.

Creating the concept of "Forward Authenticity” is one of the first steps being taken. Providing indisputable evidence about the trustworthiness of the things that compose the Internet, in an inter-operable manner, is another goal of the RATS working group. The RATS working group has outlined many topics that have to be addressed in this domain and will continue to evolve systematically a corresponding roadmap to address them.

Thing-to-Thing Research Group (T2TRG)

Eliot Lear and Mohit Sethi

The Thing-to-Thing research group (T2TRG), under the Internet Research Task Force (IRTF), investigates open research issues towards turning the promise of IoT into reality. The research group held reported on their recent activities during their session in Prague, and held a further working meeting to follow up.

Earlier this year, the seminal document on IoT security considerations from T2TRG cleared its last milestone and was approved for publication as an informational RFC by the Internet Engineering Steering Group (IESG). T2TRG is also discussing two new pieces of work:

  • Constrained Internationalized Resource Identifiers describes a mechanism to encode URI components in Concise Binary Object Representation (CBOR) instead of the typical string of ASCII characters. This can simplify parsing and comparison of URIs in resource-constrained environments.
  • Constrained RESTful Application Language (CoRAL) defines a data and interaction model that can allow software agents (automated scripts) to navigate a Web application based on a standardized vocabulary of links and forms and relation types.

IoT bootstrapping work is also underway in the IETF. Many small office and home (SOHO) IoT devices re-use the existing Wi-Fi infrastructure for connecting to the Internet. These deployments typically rely on a network-wide shared-secret for joining the network. This is also commonly referred to as WPA2-PSK mode. However, the security of a shared passphrase becomes highly questionable when large numbers of physical devices–from toys to bathroom scales to doorbells to thermostats–are connected to the network. The per-device credentials provided by 802.1X will be necessary to prevent one insecure device from compromising the security of others on the same wireless network. There is currently ongoing discussion in the community on how IETF standards such as EAP (Extensible Authentication Protocol) can be employed for this purpose.

Full details and the latest information about T2TRG activities can be found in GitHub.

Large organizations obviously also require centralized management, both in terms of how devices get credentials, and establishing accountability for those devices. When hundreds of the same type of a device are connected, automation is a requirement. On the other hand, such a trusted introduction also introduces additional and potentially lasting dependencies on additional parties. The IETF is currently working on mechanisms such as Bootstrapping Remote Secure Key Infrastructure (BRSKI) which are being adopted by others.

After the IETF 103 meeting, a mailing list was also formed to discuss these topics, and participants have begun to catalog the mechanisms that are available. Discussions at IETF 104 were used refine that work.

Lightweight Implementation Guidance (LWIG)

Eliot Lear and Mohit Sethi

The LWIG working group is providing useful implementation guidance to IoT developers. Among other things, the working group is currently working on a draft that defines how various standard elliptic curves such as NIST P-256, Curve25519 and Ed25519 can efficiently re-use the same underlying implementation. Since the last IETF meeting, this draft has received a review from Crypto Forum Research Group (CFRG) of the IRTF. Updates to this and other documents were discussed during the working group session.

Other meeting highlights

Other IoT-related highlights of the IETF 104 meeting included:

IETF Hackathon

The IETF Hackathon preceding the IETF 104 meeting included several IoT-related projects:

  • HOMENET (Home Networking), DNSSD and the Internet of Things

  • Internet of Things with RIOT

  • IP Wireless Access in Vehicular Environments (IPWAVE) Basic Protocols

  • (IPv6 over Low Power Wide-Area Networks) LPWAN CoAP/UDP/IPv6 SCHC compression and fragmentation

  • RPL over BLE using NimBLE and RIOT

  • Secure IoT bootstrapping with Nimble out-of-band authentication for EAP (EAP-NOOB)

  • SUIT (Software Updates for Internet of Things) IoT Firmware Update Metadata

  • TEEP (Trusted Execution Environment Provisioning) Interop for Open Trust Protocol (OTrP)

  • WISHI (Work on Semantic/Hypermedia Interoperability)


The IETF Hackathon wiki has additional details on all the projects worked on in Prague.

IoT-related Working Group materials from IETF 104

Here are links to IoT-related Working Group information, including materials and video recordings from sessions at IETF 104:

6lo (IPv6 over Networks of Resource-constrained Nodes) WG

6tisch (IPv6 over the TSCH mode of IEEE 802.15.4e) WG

ace (Authentication and Authorization for Constrained Environments) WG

core (Constrained RESTful Environments) WG

homenet (Home Networking) WG

ipwave (IP Wireless Access in Vehicular Environments) WG

lpwan (IPv6 over Low Power Wide-Area Networks) WG


lwig (Light-Weight Implementation Guidance) WG

opsawg (Operations and Management Area) WG

rats (Remote ATtestation ProcedureS)

roll (Routing Over Low power and Lossy networks) WG

suit (Software Updates for Internet of Things) WG

t2trg (Thing-to-Thing) RG

teep (Trusted Execution Environment Provisioning) WG

About the author

Steve Olshansky is the Internet Technology Program Manager at the Internet Society, based in Colorado, United States.  

Share this page