NOTE: The new Security Area wiki is at: Please make updates there.

The IETF Security Area

Security (SEC) is one of the areas of work at the IETF. It consists of working groups focused on security and privacy protocols, and supports the appropriate application of security mechanisms in the protocols being developed in other areas of the IETF. The 25 Security area working groups are focused on:

  • enabling secure and privacy-preserving communications;
  • helping collect, verify, understand, and update the state of network end-points; and
  • providing protocols and applications the means to handle the authentication, authorization, and accounting of users, applications, and devices.

The area is managed by the Security Area Directors (ADs) Roman Danyliw and Paul Wouters.

The Security ADs are assisted by the SECDISPATCH WG, a Security Directorate (SECDIR), and Security Area Advisory Group (SAAG).

Not formally part of the Security area, but collaborative in scope are the IRTF's Crypto Forum Research Group (CFRG) and Privacy Enhancements and Assessments Research Group (PEARG); and the IAB's Threat Model Program (model-t).

The research community has also helped verify the security properties of IETF protocols with formal analysis.

New Work in the Security Area

In additional to the IETF standard operating procedures on starting new work, the Security area uses the SECDISPATCH WG and the associated mailing list to raise awareness about and discuss next steps on, new proposals via the dispatch process.

The SEC Area directors can also be contacted to discuss how to engage the IETF on new work.

New work currently being discussed includes:

Security Directorate (SECDIR) and Document Reviews

The Security Area Directorate (SECDIR) provides support to the Security Area Directors. The members consist of the WG Chairs of the Security Area and selected individuals chosen for their technical knowledge in security and their willingness to work with other groups within the IETF. Typically, each Internet-Draft is automatically assigned a SECDIR review during IETF Last Call and in preparation for an IESG Telechat. Early reviews (while the document is still being developed in the working group) can also be requested via the datatracker. Each of these review follows the Security Director Review Process

The SECDIR review queue and the mailing list are available.

In the limited cases where the cryptographic mechanisms of an IETF document requires deeper analysis by a cryptographer, the Security Area relies on the IRTF CFRG Crypto Review Panel.

The SECDIR and SEC AD reviews of documents have produced the following list of Common SEC Area Review Issues that have been repeatedly identified. Authors and WGs should consider these issues when writing their documents.

If specific security expertise is needed in a WG, please contact the Security ADs who may be able to find a advisor for the WG.

Security Areas Advisory Group (SAAG)

The Security Area Advisory Group (SAAG) is an open IETF forum to discuss security issues. It meets during IETF meetings.

SAAG is not working group. As such, it does not adopt or publish documents.

The community is welcome to subscribe to the mailing list or review the archives.


Security Area leadership past and present is further described on the Security Area Directors page.

Last modified 2 months ago Last modified on 14/11/22 21:09:07