Connection 2017 - Speaker Series: Darin Pettis & Steve Fenter
I am sure most of you would have heard by now that IIESoc have been working behind the scenes for "Connections 2017" - a Pre-IETF 100 forum in bangalore on 8-9 Novemeber 2017, to get protocol developers, academicians and network operators together on the same platform to discuss the latest problems facing the internet and the solutions relevant to them. This is being done with a focus on India and Indian contributions to the Internet.
The event consists of a full-day Conference on 8th November 2017 and a Hackathon on 9th November 2017. There are 4 tracks for the event (both conference and hackathon) - Applications, Security, Software Defined Networks (SDN) and Internet of Things (IoT).
We have star studded lineup of International and Indian speakers such as Fred Baker (former chair of IETF), Paul Wouters, Syam Madanapalli, Elliot Lear, Carsten Bormann, Vishnu Pavan Beeram and many more.
This blog is part of the speaker series that introduces the various amazing speakers that are part of the event. Next in the series are Darin Pettis and Steve Fenter.
Darin Pettis's Bio: Darin Pettis joined US Bank in June 2008. He currently serves as VP – Business Aligned Infrastructure Consultant advising the Business and Information Services (BIS) division of the company. BIS has over 1,500 employees with more than 500 applications. He is also involved with the Internet Engineering Task Force standards body. It was at US Bank that he evolved from being strictly network focused to being performance oriented while managing a packet based performance team for a number of years. Prior to joining US Bank, Darin spent eight years at RBC Wealth Management in a variety of positions, eventually as Head of the Telecommunications Services Group. There he was responsible for operations, engineering and trading floor support from a network perspective. Before that he spent five years at US West. He also served 4 years in the US Air Force in teletype and crypto groups as well as a decade in the MN Air National Guard doing a progressive variety of communications work for the 210th Engineering and Installation Squadron. Darin holds an Associate’s degree in Electronics from the Community College of the Air Force, a Telecommunications degree from UW Stout and has been a Cisco Certified Network Professional. He is also the proud father of three teenage boys.
Steve Fenter's Bio: Steve Fenter has been doing network packet analysis for 32 years. He spent 17 years at NCR Comten doing both code level and packet level analysis on IBM SNA networks. Following his time at Comten Steve completed his Cisco CCIE certification in Routing and Switching, and currently holds a CCIE Emeritus status. The last 15 years he has been at US Bank analyzing their enterprise network as part of the Network Application Analysis team. His responsibilities have included packet analysis as well as architecture of US Bank's packet capture/packet broker environment. The last few years he has also been focusing on packet visibility issues, including visibility in virtual networks and in the cloud, as well as the ability to decrypt and inspect packet payloads for troubleshooting. This interest has led him into active involvement with the IETF since July of 2016.
Talk: Impact of TLS1.3 on Enterprises
In the TLS 1.3 presentation they will initially talk about the deprecation of the RSA protocol which would cause many security and troubleshooting tools to go dark with encrypted traffic. Next they will speak of our challenges to retain visibility when RSA had been removed about three years earlier and wasn't going to return in TLS 1.3 They will outline the journey that we undertook to create a new technical visibility option. Followed by the very real need to garner adoption from the TLS Working Group along with the great insight we have received to make the proposed solution very strong. Finally, they will speak to the creation of EDCO (Enterprise Data Center Operators) to address a need for enterprise representation and involvement in new and evolving standards that we must abide by.
Checkout other talks at - https://www.connections.iiesoc.in/abstract
We also asked Darin and Steve, a few questions regarding there IETF contributions and involvement.
1. How did you get involved in the IETF? Was there a particular issue that led to your involvement? Darin: I became involved in the IETF in 2016 due to a proposed TLS standard that no longer had the visibility option that many are required to have for security and troubleshooting. Sending an email about the concern did not have the desired effect so I traveled to the next meeting in Seoul, Korea with our CISO , our architect and the director of the Financial Services Roundtable-BITS organization to appraise them of the importance of this visibility. We did get a number of technical suggestions along with some negative comments. We created a solution and presented it in Prague. They said it was closer but gave us more technical suggestions of how to make it better and incorporate some features that they wanted. We also had to defend the reasoning for it as there were some that would prefer what they term end-to-end security and they argued strongly for it but we end up with a 50/50 consensus around ongoing Working Group efforts on this so we proceeded forward to create a newer and more secure way to gain the visibility we needed inside the enterprise. his need to decrypt is rapidly growing because of increased encryption inside the data centers for security and regulatory needs. I don't think that they have fully thought about how their data remains secure and the app up-time remains high if we can't see the data to run security and performance tools against it but that is part of why so much discussion. While our main authors had some unavoidable conflicts with presenting in Singapore, we plan to present at the following IETF in London.
Steve: When Nalini Elkins told me about the deprecation of the RSA key exchange in TLS 1.3 I had all kinds of red flags and alarm bells in my brain, because we would be losing the ability to decrypt and inspect packet payloads for troubleshooting. After I calmed down Nalini suggested I get involved in the IETF and do something about it. That was June of 2016 and I've been involved ever since.
2. What are some of the most interesting changes or impacts you have seen at the IETF? Darin: I have noticed that the pendulum has swung quite sharply towards security and privacy on a number of protocols. The ACLU is even present and actively influencing standards. Now, I am a privacy advocate too but I would contend that operations is at the other end of that pendulum. Therefore, a true balance lies between security/privacy and operations. We are working to address that balance with our extension prior to migrating to TLS 1.3.
Another interesting thing about the IETF is that it is a meritocracy primarily run by volunteers who are driven by running code and rough consensus. Also, there is no membership. If you feel that you would like to become engaged and have an issue to address or something to contribute, you are welcome to attend and become an active participant. There are roughly 1,000 to 1,500 members present from around 50 different countries so it is very multicultural.
We have started to help with another protocol named IPV6. There is a need to migrate to it but that migration has been very slow so we are sharing some insight on the issues and possible ways to increase the adoption rate.
One important note is that although the participants are commonly very intelligent in their fields, sometimes they don't have deep experience in other areas that are affected by their standards. To help address this, we have created the Enterprise Data Center Operators (EDCO) group for two reasons. One is to get the word out about users of the standards about proposed new standards and changes to existing ones like HTTP2, DNS encryption, TCP Increased Security etc and to give them a chance to weigh in on them through timely awareness. The other reason is to help the IETF gain added insight to how the standards might interoperate in varying environments. For example, the TLS WG seems to be primarily made up of very sharp cryptographers, professors and web developers but they can likely benefit from added insight into the user/operational world to gain a balanced view that helps create optimal standards.
Steve: My most interesting change has been seeing the TLS Working Group become more open to the idea of decrypting and inspecting traffic inside an enterprise network. Enterprises have been under represented at the IETF, and the perspective of data center operators who need to decrypt packets for troubleshooting, network security monitoring, fraud monitoring, and other functions was missing. 3. What is your opinion on the importance of the IETF in the Internet eco-system?
Darin: I think the IETF input is crucial to the Internet ecosystem. The Internet must be interoperable or else we end up with differing and incompatible implementations. This where a great many standards are created, after valued discussion, to ensure that every angle that can be thought of is addressed. There are over 100 different working groups addressing a wide variety of issues.
Steve: The IETF seems to be the primary standards body that defines layers 3-5, so it is highly important. 4. What technical / protocol changes do you see coming in the next few years?
Darin: I too see the growing importance of well designed IOT devices. Although they are not overly new, I think that the number of them will continue to grow at a rapid pace. This will bring other challenges like security into play. The Internet never really stops growing, it just keeps evolving and we need standards to do it in an interoperable way.
Steve: My world is packet analysis, so what I see is the need for a renaissance of deep packet inspection. Modern applications are heavily networked, and can't be supported adequately without network level visibility, including network visibility to all 7 layers. The industry as a whole has been moving rapidly towards encryption of network traffic for security reasons, without enough understanding of what enterprise functions will break without packet payload visibility. I think the pendulum needs to swing back to a balance between security and supportability.
Dont miss this oppurtunity to join us for the event. The tickets for the event are availaible at - https://www.connections.iiesoc.in/tickets