Author Archives: Greg Wood

IETF Profile: Jari Arkko

Periodic posts on the IETF Blog highlight individuals who serve in IETF leadership roles, people who have recently begun working in the IETF, and organizations that make the work of the IETF possible. Each post aims to describe experiences working within or supporting the IETF. This one is by Jari Arkko, who will step down as the current IETF Chair during IETF 98 and begin an appointment as a member of the Internet Architecture Board (IAB).

Jari Arkko

Jari Arkko

I had my first contact with the IETF in 1996. I started working with modem pool and access server products at Ericsson. Some of what we wanted to build for our products needed standards so they could interoperate. I started working with AAA protocols and extensions. Later I became chair of the EAP, EMU, and MOBIKE working groups. These were long-term efforts that I was heavily involved in.

When I was first approached about the area director role, it didn’t sound like a feasible goal, but it grew on me. But a few years later, I applied to become an Internet Area Director. It turned out to be a perfect fit — I got to work on many topics that I really cared about, such as IPv6 transition techniques. And it was good for our company because this is the layer where our products mostly were.

I was an AD from 2006 to 2012. Six years is on the long side for this job. We tell people that four years is optimal because it takes about two years to learn the job. When I was an AD, the IETF took up 50–100% of my time. Meanwhile, Ericsson benefitted from me advising them on where the technical pieces that we cared for were heading to.

I spent the year after the AD term in the the IAB. I was already wondering if I wanted to be the IETF chair. But I knew it would be a growing experience, perhaps even a scary challenge. But I thought about it for a long time and decided to go for it.

I was IETF Chair from 2013 to 2017. And this year we are again in a situation where things are changing: I will still be at the IE, contributing, and again at the IAB.

I have personally benefitted tremendously from the involvement with the IETF. Those challenges were well worth taking!  It is a privilege to witness Internet technology in the making. .And the nature of a leadership role in the IETF demands that you see things in a broader way, talk with other companies, talk with lots of people with new ideas. It forces you to understand the bigger picture. I’ve become personal friends with lots of people in the industry, a perk I’ve enjoyed a great deal.

In a leadership role, you get the feeling that you are in the middle of important issues. As chair of one of the more active or high-profile working groups, you are doing things that are broadly visible and have an impact on the Internet. As IETF chair, I was witness to many interesting things. I am an engineer and have no interest in going into political matters. Yet observing the IANA [Internet Assigned Numbers Authority] transition was a wonderful experience, and I was glad to see how that played out.

The work of the IETF chair represents almost 100% of my efforts, although I spend a fair bit of time at Ericsson. My main role at Ericsson is to share with people what is happening in the Internet and make sure we take it into account. There were many cases, including Internet of Things technology, HTTP and encryption changes, where our business was affected by what was happening at the IETF. The company appreciates our IETF team’s involvement and expertise on these topics.

If you are thinking about applying for an IETF leadership position, my suggestion is to take the challenge! Expose yourself to new things. You will understand more, which is a benefit to both you as a person and your employer.

For me, being a leader in the IETF has underscored that we actually can make a difference. We can make significant technical changes in the Internet, or change how the Internet is administered. Yes, some of the work is hard and takes a lot of effort, but isn’t that the exciting part?

IETF Profile: Alissa Cooper

Periodic posts will highlight individuals who serve in IETF leadership roles, people who have recently begun working in the IETF, and organizations that make the work of the IETF possible. Each post aims to describe experiences working within or supporting the IETF. The first of these is by Alissa Cooper, current IETF ART Area Director, who will take on the IETF Chair position during IETF 98.

Alissa Cooper

Alissa Cooper, IETF 96 at Intercontinental Hotel, Berlin, Germany.

I started participating in the IETF in 2008 and went to my first meeting at IETF 72  in Dublin. I was working at the non-profit Center for Democracy and Technology (CDT) in Washington, DC, where my role was to explore and articulate the technical implications of policy. I worked on a number of issues there, including online privacy.

In 2008, real-time applications were the focus of many of the consumer privacy issues of most interest to CDT. Initially, I focused on the Geopriv Working Group. I became a document author and then a co-chair of the group. It was a busy time in Geopriv – many tough battles had already been fought concerning the design of the technology, but finishing out the protocol suite required substantial effort. Over time the IETF grew into a larger portion of my job responsibilities because it was well aligned with the rest of the CDT work I was doing.

In 2011, I was appointed to the Internet Architecture Board and soon thereafter became the lead of the IAB’s Privacy Program. CDT was thrilled—they saw it as a huge honor that one of their own had been selected to serve in this capacity.

In 2013, I joined Cisco, and in 2014, I joined the Internet Engineering Steering Group as Applications and Real-Time area director. I’ve tried to do my area director work approximately half-time and my day job half-time. I’m leaving the post as I’ve been appointed IETF Chair beginning in March 2017—my new full-time role for the next two years.

Leadership in the IETF offers exposure to a broad swath of Internet technology that most of us otherwise wouldn’t be able to justify spending our time learning and influencing. This is particularly true on the IESG, but also on the IAB. It’s incredibly enriching and highly beneficial because you’re able to make connections between your day job and things going on across the whole industry.

IETF leadership also requires management skills of many kinds. You have to manage authors, your time, big community processes. It requires a lot of strategy and work in the background to achieve good outcomes. Many people do not realize the depth of the management education you get while serving in the IETF leadership.

Lastly, you get to (try to) promote your vision of what the future of the Internet should look like. Everybody might not agree with you, but serving in the leadership gives you a platform to steer and influence.

Cisco has been a big supporter of the IETF because it is deeply invested in the growth and stability of the Internet. Its customers like the idea that the products they buy from different vendors interoperate. Cisco enjoys having people in leadership positions dedicating a portion of their time to furthering interoperability and making sure that standards are keeping pace with other technological developments.

In recent years, some IETF participants have encountered difficulty in trying to convince their employers about the value of the time commitment associated with IETF leadership positions. But in reality it is possible to balance your day job with an IETF leadership role—you set the parameters for how you manage your time. Lots of positions require a half-time commitment or less.

Having a well-functioning IETF and an Internet that runs on secure, performant, interoperable standards should be pretty important to any large tech company at this point in history. If that model goes away, the options for how we replace it are all inferior. Hopefully the indirect benefits of supporting IETF leaders are obvious, but if not, current and past IETF leaders are always happy to explain the benefits. We have a big incentive to expand the population of people willing to take on leadership roles.

University Students Create Running Code for the Internet

IETF 97 Hackathon pano

IETF Hackathons embody the IETF’s tradition of running code—testing theories against the realties of implementation, with a goal of accelerating the definition and adoption of protocols and technologies that make the Internet work better. One of the best things about theses events is the shared success of a broad range of participants, from long-time IETF contributors to those who have never attended an IETF meeting or joined an IETF working group. Of particular note, university students from around the world have been remarkable contributors at the past few hackathons.

Team from Sungkyunkwan University IETF Hackathon at IETF 97

Team from Sungkyunkwan University IETF Hackathon at IETF 97

At the most recent IETF Hackathon in Seoul, a team from Sungkyunkwan University worked on implementations of the specifications being defined with the Interface to Network Security Function (I2NSF) Working Group. Powered by energetic professors and students from Sungkyunkwan University in South Korea, the team used RESTCONF and NETCONF together with YANG data models to implement network security services using OpenDaylight and mininet. In doing so, they validated the approach defined by the IETF’s I2NSF Working Group.

Charles Eckel, an Open Source Developer Evangelist for Cisco DevNet, who has led the IETF Hackathons over the past few years, has witnessed first hand how teams with a diverse set of participants often leads to impressive results. Eckel commented, “The most successful hackathon teams are those with a good mix of participants with different skillsets. When you combine IETF newcomers with great coding skills with IETF veterans with tremendous knowledge of evolving Internet protocols—that’s where the magic happens.”

IETF Hackathons provide students with unique learning opportunities as well. Eckel observes, “The mentoring and teamwork that comes from working closely with a group of people on a focused effort over the course of two days is a rich and valuable experience that you are not likely to get merely by reading a few drafts and attending a handful of meetings.”

On numerous occasions, even the hurdle of geography has been cleared by hackathon participants. For example, Ecole Polytechnique de Louvain in Belgium organized two teams working on Multipath TCP during the IETF 97 Hackathon in Seoul. Five participants in Seoul, including three PhD students, worked with 25 students in Louvain-la-Neuve on a new socket API that allows application developers to more easily make use of multipath TCP subflows. Together, the teams received the Best Overall award for the hackathon.

The result confirms Eckel conclusion that, “IETF Hackathons are great events for both long-time IETFers and well as newcomers. “

The next IETF Hackathon will be held in Chicago on 25-26 March 2017. As Eckel notes, “For someone with coding skills and an interest in working on the Internet, IETF Hackathons provide opportunities to get plugged into a project and immediately start producing tangible results.”

For more information, and details about participation, see:

Patching the Internet of Things: IoT Software Update Workshop 2016

IOTSU Picture

photo: Hannes Tschofenig

“There’s a huge problem with the Internet of Things and we need to do something about it.” That was the invitation that brought participants to the Internet of Things Software Update Workshop (IoTSU) held at Trinity College, Dublin on June 13 and 14.

The “huge problem” with many IoT devices is that they are un-patchable, and if they cannot be patched, they cannot be made secure. The IoT is on a growth path that is quickly leading to the ubiquitous deployment of unattended devices throughout our homes, offices, factories, and public spaces. All of them, by definition, are connected to the Internet and hackers will eventually discover and exploit the vulnerabilities in these devices. When that happens, there must be a way to detect the intrusion and deploy software updates to fix the security flaws. This is a hard problem to solve and it has the attention of the IoT industry as well as that of the Internet Architecture Board (IAB) and the Science Foundation Ireland-funded CONNECT Centre who sponsored this workshop.

The workshop materials and raw minutes are here. An IAB report will be published in the near future.

The participants at the IoTSU workshop submitted nearly 30 papers on topics covering analysis of past incidents, current practices, and proposals for future standards. The organizers classified the papers and the participants discussed them during four sessions across two days. The following summarizes just a few topics from the workshop that I felt were particularly significant.

Problem Scope and Technical Constraints:
IoT devices are deployed on a range of hardware platforms, many of which are more highly constrained than others. At one end of the spectrum are the “System-On-Chip” devices with full memory management units (MMUs) running embedded Linux and full time access to mains power and a permanent Wi-Fi connection. At the other end of the spectrum are tiny “motes” connected via Low-Power and Lossy networks and required to run for years on battery power or harvest their own energy. The biggest software update challenges are with these highly constrained devices considering that all updates must be done securely and with zero risk of bricking the device. It seemed that most of the participants felt the greatest need was to first address the challenges at the lower end of this spectrum.

IOTSU Workshop participants

Photo: Hannes Tschofenig

IoT as a Service:
When I buy a product, I have a certain set of expectations regarding ownership, control, and life expectancy for that product. An IoT device, however, is not a standalone product; it is highly dependent on the services it receives over the Internet and all of the technical, organizational, and policy infrastructure that underpin those services. Many of the IoT devices on the market are being sold today as products, and consumers are not always aware of the services those devices depend upon for their long term continued operation. Developers and vendors need to keep this perspective in mind when designing and marketing the IoT.

Full Lifecycle Requirements:
To properly address the challenges of the IoT software update problem, it is essential to consider the full lifecycle of the IoT device. This begins during manufacturing when the security credentials must be generated, allocated, and provisioned into the devices in a secure manner. It also incorporates the lifecycle of the device vendor who might be bought out or go bankrupt – we need to consider how to continue patching essential devices when the original manufacturer no longer exists. Finally, it ends with addressing various end-of-life scenarios such as how to decommission and recycle those devices that no longer can or should be supported.

Next Steps:

The workshop concluded with a discussion about next steps. For starters, the organizers will publish an official workshop report. The participants also supported the concept of publishing a document to capture the current best practices in the IoT industry relative to software update. Some also brought up the need to clarify the scope of the workshop activities in terms of whether the focus should be on constrained devices or to also include other platforms or even networks of connected devices such as those found in vehicles. There may also be the opportunity for future standards work such as recommendations for certain minimum hardware requirements to address the need for random number generation, real time clock, and memory to support multiple binary images during an upgrade.

The participants at the IoTSU workshop came together because of their common concern about issues that could potentially threaten the long term success of the IoT. It was a good mix of representatives from both industry and academia who willingly and openly shared their experience and expertise. I believe the workshop was a good first step towards working together to address the common challenges that we are facing as the IoT continues to grow.

Bob Ensink – Embedded Software Engineer, SpinDance; Adjunct Professor, Department of Engineering, Hope College Revamp Update

I wanted to provide a brief update on the the progress of the website revamp project, which began in earnest last year and is scheduled to move into production by the end of this year.

As the scope of work developed with input from the IETF community specified, we have been working with the selected vendor, Torchbox, to develop a site that reflects the IETF’s position as the premiere Internet standards organization. Beyond updating and improving navigation and the visual design, the revamped site will work better for all classes of devices, including smart phones and tablets. It is also designed to improve accessibility and to work well for visitors using low-bandwidth and high-latency connections.

Of course the revamped website must work well for current IETF participants. But it also aims to serve *potential* IETF contributors by making it easier for them to get started in the IETF, and it aims to ensure that even people who aren’t likely to be contributors can understand what the IETF does and how it works. A goal of the project was to develop a design informed by data, so we interviewed people from each of these groups. We also looked at usage data available from the current website and benchmarked against websites of similar organizations.

Since sharing the initial design and prototype at IETF 93, the project team has been working on fine-tuning the design and transitioning content. The IETF Tools team has also been involved so that the information about RFCs, IETF Areas, and working groups displayed on is drawn directly from This will make it easier to keep the site current, and provide opportunities to guide people to the ongoing work of the IETF.

Work is still underway to finalize the content and features on the new site, including additional testing with the target audiences to be sure it works for them. The current project schedule calls for an extended “preview” of the new site so the entire IETF community will have a chance to try it out before everything is finalized. I expect to have a further update on the exact timeline in the next few weeks.

Joe Hildebrand, Project Manager

Example Screenshots

Screenshot of the Revamped IETF Blog

Screenshot of the Revamped IETF Blog

Example of a revamped information page about an IETF Area

Example of a revamped information page about an IETF Area

An example of the responsive design for an IETF Blog post

An example of the responsive design for an IETF Blog post