Stuff about me

Name: Stephen Farrell

Phone: gsm (preferred): +353-87-854-0597, office: +353-1-896-2354


Home Page:

Current Employment (Previous); Teaching; Activities; Publications; Talks

Text last updated: 2011-06-11

Picture of me - don't worry, you're not missing much!

Picture last updated: ages ago, more grey now:-)


Working in IT security since 1986, I have accumulated a very broad range of engineering experience and expertise in many areas of computer security, primarily those involving the use of cryptography. Since 1995 I have been involved in a range of IT security standardization activities, which has given me the opportunity to work alongside some of the most well-known experts in the field. As well as authoring various standards documents, in the past I co-chaired an Internet engineering task force (IETF) security working group (sacred) and a world-wide web consortium (W3C) working group on XML key management (xkms), both of which groups concluded successfully - as they ought. In a similar vein, I was until recently involved in some anti-spam work as co-chair of the IETF domain keys identified mail (dkim) working group. I was also an invited expert participating in the W3C web security context working group (wsc), which was basically a group of security and browser folks who were trying to improve on the current "padlock" security indicator in browsers.

My involvement in Internet standards has recently increased quite a bit since I took over in April 2011 as one of two IETF security area directors, and hence a member of the Internet Engineering Steering Group, which is the technical management committee of the IETF. That means I now need to read, and (sort-of) "vote" on all new IETF RFCs for the next couple of years (or until they chuck me out:-). Last week, (2011-05-26 telechat), that meant reading and commenting on 623 pages of Internet-drafts, but that was a bad week - the average is 400 pages every two weeks. I'm also a member of the Internet research steering group (IRSG) which does a somewhat similar job for the far fewer documents produced by Internet research task force (IRTF) research groups.

Areas of security I've mostly worked on include Public Key Infrastructure (PKI), authorization and security for web services. In terms of my current approach to that kind of work, I would generally like to see better deployment of security technology, even if that appears to come at the expense of "purity." That represents a bit of a change from the approach we all had when we first started working on PKI.

Until I started doing more security again recently, I was really more interested in networking and, in particular, highly-challenged networks (e.g. networking in deep-space as envisaged by the group working on the InterPlaNet). That work is mainly done in the context of an IRTF group on delay tolerant networking (DTN) where I also help out as co-chair. In 2006, I co-authored what we believe is the first book about delay and disruption tolerant networking. But I don't just do DTN bureaucracy - I'm also quite involved in most of the security work being done in that context as well as in the definition of a long-haul delay tolerant protocol called LTP (RFC 5326) that was recently used (by NASA, not me) to talk to a spacecraft 25 million km away! In that context, what's most interesting to me is how DTN concepts (and maybe even concrete protocols) might form a part of the future Internet architecture, especially for its more challenged nodes (which I reckon will always exist).

In day-to-day terms, other than teaching a bit, we've recently finished an EU funded DTN project on reindeer tracking and communications services for the reindeer herders - that was called N4C (Networking for Communications Challenged Communities) and started in May 2008 for 3 years. We've published the full results of our N4C trials in the arctic, including all the code, logs etc. and there's an informal blog-like description of our 2010 trial here.

In August 2010, we started a related project on Information Centric Networking, (in our case based on DTN) - that's being done as part of a very large EU funded project (an "IP") call SAIL where TCD are working on the so-called Network of Information (NetInf, in our case a DTN-based ICN just to talk acronym-babble for a moment:-). SAIL will be my main day-to-day project in TCD until about the end of 2012. We're also doing a little work on yet another EU funded project on medical informatics, in that case providing a security model and a content security API - that's the TRANSFoRm project, but our involvement is quite small there, at least in terms of effort.

Last year, with a couple of partners, I also started up a campus company, Tolerant Networks Ltd. to do non-research DTN projects. As Tolerant Networks, we're helping out a UK company called SciSys as a subcontractor on a European Space Agency (ESA) funded study about the use of DTN protocols in space.

Before all of those I worked on an Enterprise-Ireland funded (2005 technology development fund) project on sensor networking with delay tolerance (SeNDT - intended to sound like "scent"), focused mainly on piloting some DTN based technology we had developed for environmental monitoring, in particular, lake water quality monitoring, but using delay tolerant protocols.

I'm also on the editorial board of IEEE Internet Computing magazine.

From July 2007 until April 2010 I was part-time chief technologist with NewBay software, an excellent company that provide user generated content management software and services for mobile network operators. That's a kind of Web 2.0 meets the bell heads gig, which was interesting, especially when the applications are offered to such large sets of users (in the millions).


Current Employment

Dates Organisation Position
May 2002-Date Trinity College Dublin
Research fellow, Part-time lecturer


I'm currently co-supervising (with Stefan Weber) a student (Alex McMahon) who is getting along with the work of (hopefully) acquiring a PhD on a DTN topic, which looks likely to be related to endpoint attribute discovery. Ask Alex if you want to know more. I'm also sole supervisor for Aidan Lynch, another excellent student doing an MSc. by research.

I teach a course introducing computer security (CS7053) as part of the Masters in Networking and Distributed Systems (NDS) and have supervised a number of NDS MSc dissertations (7 to date). Last year's course materials are at That course is now also available as part of TCD CS's new structured Ph.D. programme.

I also give a few lectures on DTN as part of CS7002. Materials for that are at

In past years, I taught the security part of CS-3D3, mainly about spam and one proposed anti-spam mechanism called DKIM. Even earlier, I also taught security a course as part of the ubiquitous computing MSc, and security was part of CS-4D4 for a couple of years as well.

Past exam questions (with marking schemes/answer outlines) for all of the above courses can be found at:

Dates Company Position
2007-2010 NewBay Software
Chief Technologist
1999-2003 Baltimore Technologies
Website seems to be defunct!
Chief Security Architect
Director of Research
Senior Research Associate

With NewBay I contributed to product architecture and creating product, services and operational security processes. I also established NewBay's internal patent scheme and filed a number of patent applications on NewBay's behalf. (See USPTO applications 20110004924 and 20100064377 if you care;-)

I began with Baltimore as Chief Security Architect, reporting to the Director of Research (a position I assumed in Spring 2000 until transitioning to part-time in May 2002 as Senior Research Associate, I only finally quit in June 2003). With Baltimore my main responsibilities included:

Baltimore are no longer in the technology buisness, though the company still seems to exist (sort-of). There's a wiki page about it (usual caveats!)

Earlier Employments

Dates Company Position
1992-1999 Software and Systems Engineering Ltd. (SSE), a Siemens company. (Defunct DNS name! Subsequently, SSE were subsumed into now also a defunct DNS name!)
Developer, then security architect for a range of security products. Occasional tasks included: Siemens-internal security consulting; Bid consultant; External consulting; Some standardization work
1991-1992 Silicon and Software Systems Ltd. (S3)
Project leader developing GSM test software (embedded systems) for Philips
1989-1991 Intrepid Ltd. Main security developer of telephone security product in startup company (Milcode: a CELP voice coder, encryption)
1986-1989 C.O.P.S. (Europe) Ltd. (partly re-formed as Realace Ltd following 1988 liquidation) Researcher, then project leader on EU funded R&D projects in security (ESPRIT MARS) and formal methods (ESPRIT METEOR).


Current Internet Drafts

These are all works-in-progress that may or may not become Internet RFCs. Its not a complete list, these are the ones still on the go, or that may be revived in future.







Book cover (not that nice;-)

"Delay and Disruption Tolerant Networking," Stephen Farrell and Vinny Cahill, ISBN 1-59693-063-2, Artech House, 2006.

There's a selection of book sellers here and another here. The publisher's page is here.











Internet RFCs

A note on RFCs as publications: Since I currently work in an academic institution, people care a lot about peer reviewed publications, but generally seem not to properly credit documents in the RFC series, so, with the aim of helping to redress this imbalance, here's a bit of history about one of the above RFCs. RFC 3281 is a standards-track document, published in April 2002 based on the 9th revision of the corresponding Interrnet Draft. The first version was published in April 1999 and during that three year period members of the IETF PKIX working group (with O(100) active pacticipants) publicly commented on the draft many times, for example, the list archive shows one thread discussing encoding issues that involved about a dozen different individuals. Over the entire period, perhaps O(100) independent comments were disposed of. Google scholar currently (Oct'07) returns some 263 "hits" for this RFC (though they don't seem to count as citations for some reason). The conclusion? Many, though not all, of the documents in the RFC series are important, high-quality publications that have undergone as thorough a review as a journal article and the fact that almost all aspects of that review are publicly archived gives the reader the chance to gain a much more fully-rounded understanding of the technology and its development.

Other Internet drafts

These are Internet drafts that I co-authored that were a bit interesting but didn't end up as RFCs for various reasons. They are, of course, all "expired," but still more or less available, though you might have to search.

Various activities

Things I do and don't get paid for (well, sort-of:-) Most-recent first

Academic and Industry Group-Things

Some standards things, some proposal reviewing and a few odds and ends (actually, some of this can be fun).

Programme Committees

These are the groups who review submissions for conferences etc.


Things with slides but (mostly) no papers. Fewer of these worth bothering to record these days.








2004 and before