The IETF Security Area

Security (SEC) is one of the areas of work at the IETF and is focused on security protocols. The Security Area is also concerned with the appropriate application of security mechanisms in protocols developed by working groups in other Areas of the IETF.

The area is managed by the Security Area Directors Kathleen Moriarty and Eric Rescorla. It is chartered in a number of working groups listed below.

The Security Area Directors are assisted by a Security Directorate and Security Area Advisory Group (SAAG). In some cases, the Security Area provides a Security Advisor to other working groups.

Security Directorate

The Security Area Directorate provides support to the Security Area Directors. The group consists of the Working Group Chairs of the Security Area and selected individuals chosen for their technical knowledge in security and their willingness to work with other groups within the IETF to help provide security throughout IETF protocols. A roster of the current directorate members is here.

The security directorate is currently reviewing all IETF documents that pass through the IESG as a way to help the Security Area Directors improve their efficiency per the Security Director Review Process.

The directorate can be contacted by sending e-mail to secdir@…. Subscription is normally limited to Security Area WG chairs and individuals who help with document reviews, but the list archives are available.

Security Areas Advisory Group (SAAG)

The Security Area Directors are also supported by the Security Area Advisory Group (SAAG). The SAAG acts as an open forum for security issues. It meets during IETF meetings.

Anyone can subscribe to the SAAG mailing list or review the archives.

Active Working Groups

(ACE) Authentication and Authorization for Constrained Environments

(ACME) Automated Certificate Management Environment

(CURDLE) CURves, Deprecating and a Little more Encryption

(DOTS) DDoS Open Threat Signaling

(I2NSF) Interface to Network Security Functions

(IPSECME) IP Security Maintenance and Extensions

(KITTEN) Common Authentication Technology Next Generation

(LAMPS) Limited Additional Mechanisms for PKIX and SMIME

(MILE) Managed Incident Lightweight Exchange

(OAUTH) Web Authorization Protocol

(SACM) Security Automation and Continuous Monitoring

(SECEVENTS) Security Events

(TLS) Transport Layer Security

(TOKBIND) Token Binding

(TRANS) Public Notary Transparency

Significant Working Groups in other Areas


(SIDR) Secure Inter-Domain Routing

(TCPINC) TCP Increased Security

Area Director-Sponsored Documents


Non-WG Initiatives and Topics



Security Area leadership past and present is further described on the Security Area Directors page.

Last modified 4 months ago Last modified on Nov 17, 2017, 1:44:18 AM