A major standard-setting body has called for all Internet applications to be encrypted by default. Heeding this advice would make it difficult for unauthorized parties to scoop up data.

Upon a backdrop of high-profile hacks and government snooping, the Internet Architecture Board argues that encryption must be the norm—and that it can be.

This aligns with a Request for Comments published over the summer encouraging encryption as a response to surveillance. The statement doesn't pinpoint government intelligence agencies, but the specified RFC calls “pervasive monitoring” an attack on the Internet.

The IAB oversees the Internet Engineering Task Force (IETF), which promotes voluntary Internet standards. They regularly publish RFCs to guide development and Internet technical standards. The body was originally the brainchild of the U.S. Department of Defense, but has since morphed into a global entity.

According to the IAB, the organization has supported privacy-minded measures, like encryption, from the beginning, and pointed to RFC 1984 from 1996, which encourages cryptographic technology to ensure privacy on the Internet.

A call to arms

The IAB means business and is not opting for weak protection. From the statement:

“We recommend that encryption be deployed throughout the protocol stack since there is not a single place within the stack where all kinds of communication can be protected.”

To backtrack a little bit, the Internet is made up of a tangled suite of protocols, like TCP/IP guiding the exchange of data. The IAB is calling for protection that penetrates each slice of the “stack,” leaving no cracks and fully protecting information.

The IAB calls on a host of Internet professionals—whether developers, network and service operators, or firewall policy administrators—to jump aboard and work furiously to employing encryption at all levels.

Closing thoughts

In the wake of Snowden's revelations, many companies are jumping on the privacy bandwagon, even if it is not a cornerstone of the Internet. Bitcoin has seen its own surge in privacy-minded applications.

There are plenty of operating systems offering encryption, making it more difficult for anyone, hackers or legal authorities, to tap into devices. Recently, Google and Apple introduced encryption by default, despite FBI resistance. Electronic Frontier Foundation is often at the forefront of encouraging encryption.

For the IAB, promoting encryption is necessary to revive trust in the Internet:

“We acknowledge that this will take time and trouble, though we believe recent successes in content delivery networks, messaging, and Internet application deployments demonstrate the feasibility of this migration.”

The organization wraps up the statement with a long- and short-term mission: to nurture the development of new projects. Again, the IAB means business. The ultimate goal is “to move to an Internet where traffic is confidential by default.”


Did you enjoy this article? You may also be interested in reading these ones: