Stuff about me
Working in IT security since 1986, I have accumulated a very broad range of
engineering experience and expertise in many areas of computer security,
primarily those involving the use of cryptography. Since 1995 I have been
involved in a range of IT security standardization activities, which has given
me the opportunity to work alongside some of the most well-known experts in the
field. As well as authoring various standards documents,
I'm currently a co-chair of the
Internet engineering task force (IETF)
homenet working group. In
the past I co-chaired
and one working on an anti-spam technology called
domain keys identified mail (dkim).
I also co-chaired a world-wide web consortium (W3C) working
group on XML key management (xkms),
and was once an invited expert participating in the W3C web security
context working group (wsc), which was
basically a group of security and browser folks who were trying to improve on
the current "padlock" security indicator in browsers.
Between 2011 and April 2017
I was one of two IETF security area directors,
and hence was a member of the Internet
Engineering Steering Group, which is the technical management committee of
the IETF. That meant I needed to read, and (sort-of) "vote" on all new IETF
RFCs for those six years . In one
telechat), that meant reading and commenting on 623 pages of
Internet-drafts, but that was a bad week - the average was 350 pages every
two weeks. So I learned (for me) a huge amount from that.
I've also previously been an "at-large"
member of the Internet research steering group (IRSG) which does a somewhat similar job
for the far fewer documents produced by Internet research task force (IRTF) research groups.
In March 2019, I was appointed to the Internet Architecture Board
that aims to "provide long-range technical direction for Internet development"
but which also does a bunch of bureaucracy as part of the IETF, handling various
appeals and appointments.
Areas of security I've mostly worked on include Public Key Infrastructure
(PKI), authorization and security for web services. In terms of my current
approach to that kind of work, I would generally like to see better deployment
of security technology, even if that appears to come at the expense of
"purity." That represents a bit of a change from the approach we all had when
we first started working on PKI.
Until I started doing more security again recently, I was really more interested in networking and, in
particular, highly-challenged networks (e.g. networking in deep-space as
envisaged by the group working on the InterPlaNet). That work is mainly done in the
context of an IRTF group on delay tolerant networking (DTN) where I
also help out as co-chair. In 2006, I co-authored what we believe is the first
book about delay and disruption tolerant networking. But I
don't just do DTN bureaucracy - I'm also quite involved in most of the security
work being done in that context as well as in the definition of a long-haul
delay tolerant protocol called LTP (RFC 5326) that was used
(by NASA, not me) to talk
to a spacecraft 25 million km away! In that context, what's most
interesting to me is how DTN concepts (and maybe even concrete protocols) might
form a part of the future Internet architecture, especially for its more
challenged nodes (which I reckon will always exist).
In day-to-day terms, other than teaching a bit,
I'm involved with some local CONNECT (a Science Foundation Ireland
research centre) on the LoRaWAN deployment within the
My most recent
EU-funded work was on a supporting action called
where we tried (and I think partly succeeded) to bridge between
security researchers and those involved in W3C and IETF
standardisation. STREWS sponsored and arranged (and I
2014 Joint IAB/W3C workshop on Strengthening the Internet
against Pervasive Monitoring
In a similar vein, I instigated and helped setup a workshop
at NDSS in 2016 to check if
TLS1.3 was Ready
Pervasive Monitoring (PM) is something that
took up a lot of my time as IETF security area
after we started getting a better picture of exactly
how much some government actors are snooping on the Internet.
That however re-invigorated a lot of Internet security
folks with the result that a lot of good progress was
made on Internet security since 2013. I helped
to lead some of that within the IETF where I was the main
titled "Pervasive Monitoring is an Attack" and
which set the scene (well, I think it did:-) for a number
of other security activities for example, the
IAB statement saying encrypt it all,
DNS Privacy working group,
TCP increase security
RFC 7435 on opportunistic security
and on confdientiality for
And lots more too.
I think it's fair to say
and working to get IETF consensus on
were both significant enough contributions to all that
happening. I've also been helping out (non-technical help
only, sadly) a bunch of folks who're trying to develop
an open-source hardware security module (HSM)
in order to try provide better confidence in the
implementation of cryptography - that's a fine
project called CrypTech
and you should help them out if you can with funds
or work. In April 2018 I joined the board of
Diamond Key Security,
a non-profit company founded to commercialise the
CrypTech designs. (At the last CrypTech face-to-face
meeting, I agreed to be the CrypTech project
community's person on that board for a couple of
Most recently, I've been implementing Encrypted SNI (ESNI) for the
OpenSSL library, and (via Tolerant Networks), we've gotten some funding from the
Open Technology Fund to support that
implementation work (the project is called Developing ESNI for OpenSSL (DEfO)). Hopefully, when the standard for ESNI matures, that'll eventually lead to encrypted SNI being
a standard feature of the OpenSSL library. Our code for that is on github.
In terms of other older projects, the most fun one was
an EU funded DTN project on reindeer tracking and
communications services for the reindeer herders - that was called N4C (Networking for Communications Challenged
Communities) and started in May 2008 for 3 years. We've published the
full results of our N4C trials
in the arctic, including all the code, logs etc. and there's an
informal blog-like description of our 2010 trial
In August 2010, we started a
related project on Information Centric Networking, (in our case based on DTN) -
that's being done as part of a very large EU funded project (an "IP") call SAIL where TCD worked on the so-called
Network of Information (NetInf, in our case a DTN-based ICN just to talk
acronym-babble for a moment:-). SAIL was my main day-to-day project in TCD
until about the end of 2012. I also did a little work on yet another EU
funded project on medical informatics, in that case providing a security model
and a content security API - that's the TRANSFoRm project, but our involvement
is quite small there, at least in terms of effort.
Also in 2010, with a couple of partners, I also started up a campus company, Tolerant Networks Ltd. to do
non-research DTN projects. As Tolerant Networks, we're worked with a UK company
called SciSys as a subcontractor on a
European Space Agency (ESA) funded study about the use of DTN protocols in
space. And we subsequently carried out another DTN study for ESA on
potential uses of DTN for (Earth orbiting) satellite. (MUDSAT)
Before all of those I worked on an Enterprise-Ireland funded (2005 technology
development fund) project on sensor networking with delay tolerance (SeNDT - intended to sound like
"scent"), focused mainly on piloting some DTN based technology we had developed
for environmental monitoring, in particular, lake water quality monitoring, but
using delay tolerant protocols.
I'm also on the editorial board of IEEE Internet Computing
magazine. And I'm a Senior Technical Advisor to the
Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG).
From July 2007 until April 2010 I was part-time chief technologist with NewBay software, an excellent company that
provide user generated content management software and services for mobile
network operators. That's a kind of Web 2.0 meets the bell heads gig, which was
interesting, especially when the applications are offered to such large sets of
users (in the millions).
||Trinity College Dublin
|Research fellow, Part-time lecturer
I teach a course on computer security and privacy (CS7NS5 aks CS4407) as part
of the Masters in Computer Science
and also other programmes and have supervised a number of NDS MSc
dissertations (~10 to date), and a PhD (Alex McMahon)
and MSc by Research (Aidan Lynch). Course materials are at
I've also taught other courses at various times (see here).
Past exam questions (with marking schemes/answer outlines) for my
courses can be found at: https://down.dsg.cs.tcd.ie/old-exams/index.html.
Website seems to be defunct!
|Chief Security Architect
Director of Research
Senior Research Associate
With NewBay I contributed to product architecture and creating product,
services and operational security processes. I also established NewBay's
internal patent scheme and filed a number of patent applications on NewBay's
behalf. (See USPTO applications 20110004924 and 20100064377 if you care;-)
I began with Baltimore as Chief Security Architect, reporting to the
Director of Research (a position I assumed in Spring 2000 until transitioning
to part-time in May 2002 as Senior Research Associate, I only finally quit in
June 2003). With Baltimore my main responsibilities included:
- Managing & leading Baltimore's non-product related R&D activities
(generally a group of 3-4 researchers)
- Managing & leading Baltimore's memberships and activities in a range
of technical industry and standards fora. (E.g. IETF, W3C, PKI forum, WAP
- In consultation with other senior staff, setting Baltimore's future
product and services strategy.
- Carrying out technical due-diligence for some acquisitions.
- Representing the company at various (primarily technical) events, e.g.
conference speaking, panel sessions, etc.
- Establishing Baltimore's patent incentive scheme.
Baltimore are no longer in the technology buisness, though the company still
seems to exist (sort-of). There's a wiki page about
it (usual caveats!)
||Software and Systems Engineering Ltd. (SSE), a Siemens company.
http://www.sse.ie/ (Defunct DNS name!
Subsequently, SSE were subsumed into http://www.guardeonic.com/ now
also a defunct DNS name!)
|Developer, then security architect for a range of security products.
Occasional tasks included: Siemens-internal security consulting; Bid
consultant; External consulting; Some standardization work
||Silicon and Software Systems Ltd. (S3)
|Project leader developing GSM test software (embedded systems) for
||Main security developer of telephone security product in startup
company (Milcode: a CELP voice coder, encryption)
||C.O.P.S. (Europe) Ltd. (partly re-formed as Realace Ltd following
||Researcher, then project leader on EU funded R&D projects in
security (ESPRIT MARS) and formal methods (ESPRIT METEOR).
There's an older list of stuff below but just covering recent (as of April 2017)
These are all works-in-progress that may or may not become Internet RFCs.
- "We're gonna need a bigger threat model", Farrell, May 2019, (a submission to the IAB DEDR workshop),
- "Deprecating TLSv1.0 and TLSv1.1," Moriarty and Farrell, March 2019,
- "Use of TLS for Email Submission and Access", Velvindron and Farrell, March 2019,
- "Related Domains By DNS", Brotman and Farrell, March 2019,
- These are currently expired, but not dead (yet:-)
- "Low-Power Wide Area Network (LPWAN) Overview", S. Farrell (ed.), Internet RFC 8376, May 2018.
- Farrell, Stephen. "Clusters of re-used keys", (preprint), March 2018. https://eprint.iacr.org/2018/299
- "Report from the Internet of Things Software Update (IOTSU) workshop 2016", Farrell et al, Internet RFC 8240, September 2017.
- Farrell, Stephen. "Requirements Analysis Required--Otherwise Targeted Monitoring Enables Pervasive Monitoring." Computer 49.3 (2016): 34-40. (Extended form locally here)
- "Report from the Strengthening the Internet (STRINT) Workshop", Farrell, et al, Internet RFC 7687, December 2015.
- "HTTP Origin Bound Authentication (HOBA)", Farrell, et al, Internet RFC 7486, March 2015.
- Farrell, Stephen. "Why Pervasive Monitoring Is Bad." IEEE Internet Computing 18.4 (2014): 4-7.
- "Pervasive Monitoring is an Attack", Farrell et al. Internet RFC 7258/BCP 188, May 2014.
- Dannewitz, Christian, et al. "Network of information (netinf) - an information-centric networking architecture."
Computer Communications 36.7 (2013): 721-735.
- "Naming Things with Hashes", Farrell et al. Internet RFC 6920, April 2013.
- Arkko, Jari, et al. "Demo: Snowcat5-Networking in Snow." (Extremecom 2012).
- Dannewitz, Christian, et al. "Network of Information (NetInf)–An information-centric networking architecture." Computer Communications 36.7 (2013): 721-735.
- Farrell, Stephen. "CRiSIS 2012 security standards tutorial." Risk and Security of Internet and Systems (CRiSIS), 2012 7th International Conference on. IEEE, 2012.
- "Delay- and Disruption-Tolerant Networking (DTN): An Alternative Solution
for Future Satellite Networking Applications," Caini et al,
Proceedings of the IEEE, Nov. 2011. DOI: http://dx.doi.org/10.1109/JPROC.2011.2158378.
- "Report on
an Arctic Summer DTN Trial," Farrell et al., Springer Wireless Networks,
volume 17, issue 5, page 1127, ISSN: 1022-0038, DoI: 10.1007/s11276-011-0323-1, July 2011.
- "The Need for a Web Security API," Turner et al. W3C Identity in the
Browser Workshop, Mountain View, Califronia, USA, May 2011.
- "Security in the Wild," Stephen Farrell, Practical Secuurity Column, IEEE Internet Computing,
vol 15, no. 3, pp 86-91, May/June 2011.
- "Bundle Security Protocol Specification", Symington et al. Internet RFC 6257, May 2011.
- "Leaky or Guessable Session Identifiers," Stephen Farrell, Practical Security Column, IEEE Internet Computing,
vol 15, no. 1, pp 88-91, January/February 2011.
- "N4C DTN Router Node: 2009 Results, 2010 Plans," Farrell et al. ExtremeCom 2010 workshop, Dharamsala, India, September 2010.
- "Endpoint Discovery and Contact Graph Routing in space and terrestrial DTNs," Stephen Farrell,
5th Advanced satellite multimedia systems conference (asma) and the 11th signal processing for space communications workshop (spsc), September 2010, Cagliari, Italy, pages 89-93, E-ISBN: 978-1-4244-6832-4, DoI: 10.1109/ASMS-SPSC.2010.5586850
- "Applications Directly using Cryptography," Stephen Farrell, Practical Secuurity Column, IEEE Internet Computing,
vol 14, no. 3, pp 84-87, May/June 2010.
- "An Internet Attribute Certificate Profile for
Authorization," Farrell et al, Internet RFC 5755, January 2010.
didn't we spot that?" Stephen Farrell, Practical Security Column, IEEE
Internet Computing, vol. 14, no. 1, pp. 84-97, January/February 2010.
- "Delay- and Disruption-Tolerant Networking for Space and Satellite
Networks," Stephen Farrell, IEEE
Satellite and Space Communications Committee newsletter, SSC
newsletter, Vol 19, no 2, December 2009.
and Disruption Tolerant Networking," Alex McMahon, Stephen Farrell,
IEEE Internet Computer, (standards column), November/December 2009.
- "Other Certificates Extension," Stephen Farrell,
Internet RFC 5697, November 2009.
Keys to the Kingdom," Stephen Farrell, Practical Security Column, IEEE
Internet Computing, vol. 13, no. 5, pp. 91-93, September/October, 2009.
N4C DTN Router Node Design," Stephen Farrell, Stefan Weber, Alex
McMahon, Eoin Meehan and Kerry Hartnett, 1st Extreme Workshop on Communication,
Laponia, Sweden, August 8-14 2009.
- "Challenge-Response System and Method,",
Farrell et al, USPTO Application US 2011/0004924, Irish Patent S2009/0506, July 2009.
- Special issue of
computer communications on delay and disruption tolerant networking,
Computer Communications, Volume 32, Issue 16, 15 October 2009, Pages
1685-1686 Vinny Cahill, Stephen Farrell and Joerg Ott (eds)
Don't Grow in Threes," Stephen Farrell, Practical Security Column, IEEE
Internet Computing, vol. 13, no. 3, pp. 96, 94-95, May/June, 2009.
Don't We Encrypt Our Email?," Stephen Farrell, Practical Security
Column, IEEE Internet Computing, vol. 13, no. 1, pp. 82-85,
the Environmental Impact of Transport Noise with Wireless Sensor
Networks," Paul McDonald, Dermot Geraghty, Ivor Humphreys, Stephen
Farrell, Transportation Research Record: Journal of the Transportation
Research Board, Transportation Research Board of the National Academies,
Washington, D.C., No. 2058, November 2008, p133 - 139, doi:
Policy Purgatory," Stephen Farrell,Practical Security Column, IEEE
Internet Computing ,vol. 12, no. 5, pp. 84-87, September/October, 2008.
- "Licklider Transmission Protocol - Motivation," Burleigh et al, Internet RFC 5325,
- "Licklider Transmission Protocol - Specification,"
Ramadas et al, Internet RFC 5326, September 2008.
- "Licklider Transmission Protocol - Security Extensions,"
Farrell et al, Internet RFC 5327, September 2008.
An Architectural Retrospective," Fall, K. Farrell, S., IEEE Journal on
Selected Areas in Communications, Volume: 26, Issue: 5, pp: 828-836, June
2008. doi: 10.1109/JSAC.2008.080609
- "Internet X.509 Public Key Infrastructure Certificate and
Certificate Revocation List (CRL) Profile," David Cooper et al.,
Internet RFC 5280, May 2008.
Storage and Data Loss," Stephen Farrell, Practical Security Column,
IEEE Internet Computing, vol 12, no. 3, pp. 90-93, May/June 2008.
- "Access Rights for Digital Objects,"
Farrell et al, USPTO Application 20100064377, Irish Patent S2008/0215
Boundaries," Stephen Farrell, Practical Security Column, IEEE Internet
Computing ,vol. 12, no. 1, pp. 93-96, January/February, 2008.
the Environmental Impact of Transport Noise Using Wireless Sensor
Networks," Paul McDonald, Dermot Geraghty, Ivor Humphreys, Stephen
Farrell, Transportation Research Board, 87th Annual Meeting, Washington,
January 13-17, 2008.
- "Evaluating LTP-T: A DTN-Friendly Transport Protocol," Stephen Farrell,
Vinny Cahill, Third International Workshop on Satellite and Space
Communications 2007 - Third International Workshop on Satellite and Space
- "Transmission protocols for challenging networks," Fahad Syed Muhammad,
Laurent Franck, Stephen Farrell, Third International Workshop on Satellite
and Space Communications 2007 - Third International Workshop on Satellite
and Space Communications 2007.
- "Sensor Networking with Delay Tolerance (SeNDT)," Paul McDonald et al.,
First International Workshop on Distributed Sensor Systems (DSS'07) in conjunction
with IEEE ICCCN 2007,
Turtle Bay Resort, Honolulu, Hawaii, USA, August 16, 2007.
- "End-by-hop Data Integrity," Stephen Farrell & Christian Jensen,
Fourth European Workshop on Security and Privacy in Ad hoc and Sensor
Networks, July 2-3, 2007, Cambridge, UK. (Here's the ppt that
Christian used for the presentation at the workshop.)
"Delay and Disruption Tolerant Networking," Stephen Farrell and
Vinny Cahill, ISBN 1-59693-063-2, Artech House, 2006.
There's a selection of book sellers here
and another here. The
publisher's page is here.
TCP Breaks: Delay- and Disruption-Tolerant Networking", Stephen
Farrell, Vinny Cahill, Dermot Geraghty, Ivor Humphreys, and Paul McDonald,
IEEE Internet Computing, vol. 10, no. 4, 2006, pp. 72-78.
- "Security Considerations in Space and Delay Tolerant Networks", Stephen
Farrell and Vinny Cahill, Space Mission Challenges for
IT 2006 conference, Pasedena, July 2006.
Revocable Attestation", Ellison, Farrell, TCD CS Tech. Report 2006-37.
- This is an idea Carl and I worked back in 2002 that wasn't published
but that we now wanted to be able to reference.
- "DomainKeys Identified Mail demonstrates good
reasons to reinvent the wheel," Stephen Farrell, EuroPKI '06, Torino, June
2006, Springer LNCS vol 4043/2006.
A Generic Delay Tolerant Transport Protocol", Stephen Farrell and Vinny
Cahill, TCD Computer Science Technical Report TCD-CS-2005-69, 7 December
- "Internet X.509 Public Key Infrastructure Certificate Management
Protocols (CMP)" C. Adams, S. Farrell, T. Kause, T. Mononen,
Internet RFC 4210, September 2005.
- (Invited) "Using the
XML Key Management Specification (and breaking X.509 rules as you go)"
Farrell, Kahan, IFIP CMS'05, Salzburg, Sep. 2005.
- The conference proceedings were published by Springer (LNCS vol
3677/2005) and the paper can also apparently be accessed (i.e. bought!)
via the following link: http://dx.doi.org/10.1007/11552055_45
- "XKMS Working Group Interoperability Status
Report", Alvaro et. al, EuroPKI 2005.
Canterbury, UK, June 2005.
- "Securely Available Credentials Protocol," S. Farrell (ed.),
Internet RFC 3767, June 2004.
- "Security in Exotic Wireless Networks", S. Farrell, J.-M. Seigneur, C. D.
Jensen in NATO Computer and Systems Sciences Series III vol 193 "Security
and Privacy in Advanced Networking Technologies", ISBN 1 58603 430 8, ISSN,
1 387-6694, IOS Press, 2004.
- "End-to-end Trust Starts with Recognition", J.-M. Seigneur, S. Farrell,
C. D. Jensen, E. Gray, and Y. Chen, in Proceedings of the First
International Conference on Security in Pervasive Computing, 2003.
flexible interplanetary Internet", presented at the 37th ESLAB
Symposium, "TOOLS AND TECHNOLOGIES FOR FUTURE PLANETARY EXPLORATION", (workshop
site) ESTEC, Noordwijk, The Netherlands, 2-4 December 2003.
- This is really a minor update of the RAST2003 paper below (events
within weeks of one another don't allow much work in between!).
Supplementary materials are here inlcuding the
conference presentation (ppt).
an Interplanetary Internet", S. Farrell, C.D. Jensen, in "Proceedings
of the International Conference on Recent Advances in Space Technologies"
(RAST2003), Istanbul, Turkey,
November 2003, IEEE Catalog Number: 03EX743, ISBN 0-7803-8142-4.
- Supplementary materials are here inlcuding the
conference presentation (ppt, html).
- "Trajectory based addressing", Farrell, 8th
Cabernet radicals workshop: (position
paper), October 2003.
- Note: this is an intentionally silly/controversial proposal as
encouraged in the workshop cfp - so don't take it too seriously, though
it could work I guess
- "An Internet Attribute Certificate Profile for Authorization," S.
Farrell, R. Housley, Internet RFC 3281,April 2002.
ubiquitous computing based on entity recognition", Jean-Marc Seigneur,
Stephen Farrell, Christian Damsgaard Jensen, in Ubicomp2002 Security
Workshop, Göteborg, October 2002.
- "Reuse of CMS Content Encryption Keys," S. Farrell, S. Turner,
Internet RFC 3185, October 2001.
- "Securely Available Credentials - Requirements," A. Arsenault, S.
Farrell, Internet RFC 3157, August 2001.
- WAP Public Key Infrastructure Specification, June 2001, [editor] (http://www.wapforum.org/what/technical.htm)
- "XBULK",Farrell et al. July 2001 (http://xml.coverpages.org/x-bulk200107Draft.pdf)
- "Outlining Wireless Public Key Infrastructure", Farrell, December 2000.
(Can't seem to find a copy of that;-)
- "The WAP Forum's Wireless Public Key Infrastructure," Stephen
Farrell,Information Security Technical Report, Volume 5, Number 3, 1
September 2000, pp. 23-31(9) Elsevier, DOI:
- "AAA Authorization Requirements," S. Farrell, J. Vollbrecht, P.
Calhoun, L. Gommans, G. Gross, B. de Bruijn, C. de Laat, M. Holdrege, D.
Spence, Internet RFC 2906, August 2000.
- "AAA Authorization Application Examples," J. Vollbrecht, P.
Calhoun, S. Farrell, L. Gommans, G. Gross, B. de Bruijn, C. de Laat, M.
Holdrege, D. Spence, Internet RFC 2905, August 2000.
- "AAA Authorization Framework," J. Vollbrecht, P. Calhoun,
S. Farrell, L. Gommans, G. Gross, B. de Bruijn, C. de Laat, M. Holdrege, D.
Spence, Internet RFC 2904, August 2000.
- "Internet X.509 Public Key Infrastructure Certificate Management
Protocols," C. Adams, S. Farrell, Internet RFC 2510, March 1999.
- "System and Method for gaining access to information in a distributed
computer system", Farrell et al, WIPO patent filing: WO 98/39889, March
- "DEDICA EDI Security Function API specification", Farrell, 1997 (http://www.ejeisa.com/nectar/dedica/5.1/)
A note on RFCs as publications: Since I currently work in an academic
institution, people care a lot about peer reviewed publications, but generally
seem not to properly credit documents in the RFC series, so, with the aim of
helping to redress this imbalance, here's a bit of history
about one of the above RFCs. RFC
3281 is a standards-track
document, published in April 2002 based on the 9th
revision of the corresponding Interrnet Draft. The first
version was published in April 1999 and during that three year period
members of the IETF PKIX working
group (with O(100) active pacticipants) publicly commented on the draft many
times, for example, the list archive shows one thread
discussing encoding issues that involved about a dozen different individuals.
Over the entire period, perhaps O(100) independent comments were disposed of.
Google scholar currently (April 2017) returns some 702
citations for this RFC.`
The conclusion? Many, though not all, of the documents in the RFC
series are important, high-quality publications that have undergone as thorough
a review as a journal article and the fact that almost all aspects of that
review are publicly archived gives the reader the chance to gain a much more
fully-rounded understanding of the technology and its development.
Other Internet drafts
These are Internet drafts that I co-authored that were a bit interesting but
didn't end up as RFCs for various reasons. They are, of course, all "expired,"
but still more or less available, though you might have to search.
- "The NetInf Protocol," Kutscher, et al, February 2013,
- "A Fast-Track way to RFC with Running Code", Farrell, January 2013,
- "The Named Information (ni) URI Scheme: Optional Features", Hallam-Baker et al, June 2012,
- "Bundle Protocol Query Extension Block," Farrell, et al, May 2012,
- "Public Key Checking Protocol", Farrell, February 2012,
- "Delay-Tolerant Networking Security
Overview", Farrell et al, March 2009, draft-irtf-dtnrg-sec-overview
- "DTN Key Management Requirements", Stephen Farrell, June 2007, draft-farrell-dtnrg-km
- Myers et al., "Online Certificate Status Protocol, version 2", March
- Farrell, Perlman, Kaufman, Rose, "Securely Available Credentials - The
PDM Protocol", June 2001,draft-ietf-sacred-protocol-beep-pdm-00.txt
- Calhoun, Farrell, Bulley, "Diameter CMS Security Application", March
(expired, essentially updated...)
- Calhoun, Farrell, Bulley, "Diameter End-2-End Security Extension", May
(expired, essentially updated...)
- Calhoun, Farrell, Bulley, "DIAMETER Strong Security Extension", March
- Rosen et al., "Geolocation/Privacy Object Requirements", July 2000,
Internet Draft (expired) http://iptel.org/info/players/ietf/location/draft-rosen-geopriv-requirements-00.txt
- Rosen et al., "Spatial Location Protocol Requirements", July 2000, http://iptel.org/info/players/ietf/location/draft-rosen-spatial-requirements-00.txt
- S. Farrell, "TLS extensions for Attribute Certificate based
authorization", Aug. 1998, Internet Draft (expired). http://www.ietf.org/proceedings/99jul/I-D/draft-ietf-tls-attr-cert-01.txt
- E. Baize, S. Farrell, and T. Parker. "The SESAME GSS-API Mechanism",
November 1996. Internet Draft (expired). http://choices.cs.uiuc.edu/Security/nephilim/draft-ietf-cat-sesamemech-02.txt
- Housley, R., Ford, W., Farrell, S., Solo, D., "Internet Public key
infrastructure", November 1995, Internet Draft (expired). http://www.watersprings.org/pub/id/draft-ietf-pkix-ipki-00.txt
Note that stuff below here isn't really maintained anymore. Maybe some
day, but I doubt it;-)
Things I do and don't get paid for (well, sort-of:-) Most-recent first
Academic and Industry Group-Things
Some standards things, some proposal reviewing and a few odds and ends
(actually, some of this can be fun).
- Proposal reviewer for the Canadian Natural Sciences and Engineering
Research Council discovery grant programme.
- Proposal reviewer for the Irish National
Digital Research Centre "translational" research programme.
- Proposal reviewer for the Foundation for
Polish Science MASTER programme.
- There's a lot of reviewing about recently:-)
- Member of the IEEE Communications Society Satellite and Space
Communications Technical Committee http://www.comsoc.org/socstr/org/operation/techcom/ssc/index.html
(Since May 2009)
- Member of the editorial board of IEEE Internet Computing
magazine (since July 2008).
- Guest Editor, Elsevier Computer Communications special
issue on DTN.
- Proposal reviewer for the 1st FP7 security call (June 2007). http://cordis.europa.eu/fp7/home_en.html
- I co-chaired a BoF on trust anchor management at the Chicago IETF (July
2007) - went fairly well but there wasn't enough of a constituency for a
new working group - the PKIX WG subsequently "adopted" this as a work
- I take part in the W3C web security
context WG as an Invited Expert. That started in Nov '06, and is aiming
to do something a bit better than a padlock in the browser, though its
difficult to improve such an installed base, so we'll see what happens.
- Since they now do something (review all I-Ds on the IESG agenda), its
perhaps worth noting that I'm a member of the IETF security area
- As co-chair of the DTN research group, I'm also a member of the IRTF Internet Research Steering Group,
(no not that one:-) but its
role is less mature (i.e. it does less:-)
- Proposal reviewer for the 2006 call for the new EU security research
preparatory activity - PASR http://ec.europa.eu/enterprise/security/index_en.htm
- Co-chair of the Internet research task force (IRTF) delay tolerant networking research
- Co-chair of the IETF Domain Keys Identified Mail working group.
- Proposal reviewer (again) for the 2005 call for the new EU security
research preparatory activity - PASR http://europa.eu.int/comm/research/security/index_en.html
- Acted as a proposal reviewer for the then new EU security research
preparatory activity (PASR) in 2004 http://europa.eu.int/comm/research/security/index_en.html
- In Nov 2004 I agreed to help out as a member of the Design Team for the
revision of the main IETF PKI standard (RFC 3280). Believe it or not, that
took until May 2008!
- Acted as a project reviewer for an EU 5-th framework project. (I wish I
remembered more, but it wasn't a great project unfortunately;-)
- Chair of the Internet Society's (http://www.isoc.org/) Interplanetary
Networking special interest group (http://www.ipnsig.org/)
- Co-chair of the W3C xkms working group (http://www.w3.org/2001/XKMS/)
- June 2005: W3C issued a press-release
to the effect that we'd finished the work on XKMS2.0!
- October 2005: The working group will formally finish at the end of
- Co-chair of IETF sacred working group (http://www.ietf.org/html.charters/sacred-charter.html)
- This group had met all its milestones in 2004, but was kept on
life-support in the hope that some IPR would be freed up, but
unfortunately that hasn't happened (as of Oct'05). So the group has now
been closed (Jan'06).
- In the now not so recent past, I have been a (more-or-less) active
participant in the following standards activities and organisations:
- Member Internet2 PKI advisory board (http://middleware.internet2.edu/pkilabs/advisory-board.shtml
- Defunct URL.)
- Member IPv6 task force (http://www.ipv6tf.org/ - Defunct
- Member Internet Research Task Force, AAARCH research group (http://www.irtf.org/charter?gtype=old-rg&group=aaaarch
- RG now concluded)
- Older things:
- Some EU funded projects I've worked on:
These are the groups who review submissions for conferences etc. I've mostly stopped adding to
- SAINT2012 : The 12th IEEE/IPSJ International Symposium on Applications and the Internet, Izmir, TURKEY, July 16-20, 2012.
- Extremecom 2012 - 4th Extreme Conference on Communication, The Alpine Expedition, Zurich, Switzerland, March 2012.
- Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2012) Tucson, Arizona, USA, April 16-18, 2012.
- WODTN 2011 International Workshop
on Opportunistic and Delay/Disruption-Tolerant Networking, Brest, France, October 2011.
- Infoapp 2011 1st International Workshop on
Information-Centric Networking and Applications (INFOAPP 2011)
Munich, Germany, July 2011.
- Extremecom 2011 - 3rd Extreme Conference on Communication, The Amazon Expedition, Manaus, Brazil, September 2011.
- Chants 2011 ACM MobiCom Workshop on Challenged Networks (Chants 2011)
Las Vegas, Nevada - September 23, 2011
- Sigcomm-ICN ACM SIGCOMM Workshop on
Information-Centric Networking (ICN-2011)
Toronto, Canada, August 2011.
- Extremecom 2010, 2nd Extreme Workshop on Communication, The
Himalyan Expedition, Dharamsala, India, September 2010.
- Chants 2010 ACM MobiCom Workshop on
Challenged Networks, Chicago, Illinois, USA, September 2010.
- SESOC 2010Security
and Social Networking, Mannheim, Germany, March 2010.
- EuroPKI '10 - The 7th
European Workshop on Public Key Services, Applications and Infrastructures
(EuroPKIâ10), to be held in Athens, Greece, September
- The Second
International Conference on Advances in Satellite and Space
Communications, SPACOMM 2010, June 13-19, 2010 - Athens, Greece
- 9th Symposium on
Identity and Trust on the Internet (IDtrust 2010), April 13-15 2010,
- 3rd International Workshop
on OMNeT++ (OMNeT++ 2010), Torremolinos, Malaga, Spain - March 15-19
- SESOC 2010, IEEE International
Workshop on SECurity and SOCial Networking, Mannheim, Germany, March 29,
- ACM MobiCom Workshop on Challenged Networks (Chants 2009) Beijing, China
- September 25, 2009. http://www.thlab.net/chants2009/
- Sixth European Workshop on Public Key Services, Applications and
Infrastructures, 9-11 September, 2009, Pisa, Italy. http://www.iit.cnr.it/EUROPKI09/
- 1st Extreme Workshop on Communication (ExtremeCom) - Midnight Sun
Expedition, August 2009, Laponia, Sweden. http://www.extremecom.org/
- SPACOMM 2009, The First International Conference on Advances in Satellite
and Space Communications, Colmar, France, July 2009. http://www.iaria.org/conferences2009/SPACOMM09.html
- 2nd International Workshop on OMNeT++, March 2009. http://www.omnet-workshop.org/2009/
- 8th Symposium on Identity and Trust on the Internet (IDtrust 2009). http://middleware.internet2.edu/idtrust/
- ACM Mobicom Workshop on Challenged Networks, CHANTS'08, http://wavedesk.usc.edu/chants/
- The Third International Conference on Systems and Networks Communication,
ICSNC 2008, SPACOM: Space Communications, http://www.iaria.org/conferences2008/ICSNC08.html
- Workshop on Security and High Performance Computing Systems, SHPCS'08, http://www.diiga.univpm.it/~spalazzi/nicosia/
- 2nd International IEEE Workshop on Autonomic and Opportunistic
Communications (AOC2008) http://cnd.iit.cnr.it/aoc2008/
- 5th European PKI workshop. http://www.item.ntnu.no/europki08/
- 7th Symposium on Identity and Trust on the Internet (IDtrust 2008). http://middleware.internet2.edu/idtrust/2008/
- Special Session on "Delay Tolerant, Mobile and Sensor Networks," 16th
Euromicro International Conference on Parallel, Distributed and
network-based Processing (PDP 2008). http://www.labri.fr/~chaumett/research/sessions/dtmsn-pdp-08/dtmsn-pdp-08.html
- ACM Mobicom Workshop on Challenged Networks (CHANTS 2007), Montreal,
Canada, September 14, 2007. http://chants-2007.netlab.tkk.fi/
- 2nd International Workshop on Ubiquitous Application & Security
Service (UASS-07), Kuala Lumpur, Malaysia, August 26-29, 2007, http://sun.dju.ac.kr/~uass07
- 4th European PKI workshop: Theory and Practice, 28-30 June 2007,
Mallorca, Spain, http://dmi.uib.es/europki07
- 3rd IEEE Symposium on Security in Networks and Distributed Systems (SSNDS), Niagra Falls, May 21-23,
- PKI R&D workshop
- CMS 2006, 10th IFIP Conference on Communications and Multimedia Security,
October 19-21 2006. http://www.ics.forth.gr/cms06/
- "Mini-workshop" on next generation infrastructure for deep
space communications, which preceeds the Space Mission Challenges for
IT 2006 conference.
- EuroPKI 06
- 5th annual PKI research
- EuroPKI 05
- 4th annual PKI research
- CMS 2004, Eighth IFIP TC-6 TC-11 Conference on Communications and
Multimedia Security, September 15 - 18 2004 (http://sec.isi.salford.ac.uk/cms2004/index.html)
- 1st European PKI workshop (http://www.aegean.gr/EuroPKI2004)
- 3rd annual PKI research workshop (http://middleware.internet2.edu/pki04/)
- 2nd annual PKI research workshop (http://middleware.internet2.edu/pki03/)
- 2002 ACM Workshop on XML Security http://www.acm.org/sigs/sigsac/ccs/CCS2002/CFP/XMLSec2002.html
- 1st annual PKI research workshop (http://www.cs.dartmouth.edu/~pki02/)
- Second International Workshop on Enterprise Security, WETICE97 (http://www.cerc.wvu.edu/WETICE/WETICE97/)
Things with slides but (mostly) no papers. I've stopped adding to this bit too
- Dagstuhl ICN
seminar - "DTNing ICN," (pdf)
- I gave a talk in the University of Aberdeen about the summer 2009 N4C
trial (pdf) in
- Talk (for NewBay) on Java
scalability for the Irish Java Technology Conference, Dublin, November
- Invited plenary talk on security boundaries for
the Open Group's enterprise architects conference,
Budapest, Hungary, October 22nd 2007.
- Talk on DTN stuff I gave to the Hamilton Institute in NUI Maynooth - LARGE (17MB)
- This is almost identicial to the Nokia one below.
- Talk on DTN stuff I gave to Nokia Research in June - LARGE
- WoWMOM Workshop on autonomic computing - my panel slides
- I hosted a meeting
of the DTNRG here in TCD in May, as
part of which I spoke about starting work on DTN
key managment and AAA for
DTNs (both ppt).
- I delivered a talk on the World Wide Web Consortium's (W3C's) security
work to the IETF security area advisory group on behalf of Thomas
Roessler (the W3C security team leader).
2004 and before
- S. Burleigh (JPL), H. Kruse (Ohio U), S. Farrell (Trinity College), "LTP: An
Overview" (talk) DTNRG meeting, August 2004.
Certification Authority Operators meeting, December 2003, "Security
standards and how they might Grid-ify"
workshop on advanced security technologies in networking, September
in Mobile Networks"
- Security and protection of
information, April 2003, "Distributed Authorisation Infrastructures,
X.509 Attribute Certificates and SAML" (ppt)
- Catalyst Europe, October 2001: "Security and web services" (http://www.burtongroup.com/guests/doc.asp?docid=423)
- RSA Conference, April 2001: "Wireless PKI" (http://www.rsaconference.com/rsa2001/)
- Global Internet project meeting, November 2000: Panel on security (http://www.gip.org/publications/papers/draftberlinworkshop.asp)
- IPv6 conference talk, November 2000: "The impact of IPv6 on higher layer
security mechanisms" (organiser
- Data security nordic, October 2000, "XML Signatures", (organiser link)
- Baltimore convention, September 2000: "Future Developments in PKI
- Nato Advanced Networking Workshop (SETCCE), June 2000: "Wireless
- RSA conference, January 2000: "The Attribute Certificate in X.509 and the
IETF", (with Hoyt Kesterson) (http://www.rsaconference.com/rsa2000/)