Russ Housley

Russ Housley has worked in the computer and network security field since 1982, and he founded Vigil Security, LLC in September 2002. Russ served as the IETF Chair from March 2007 to March 2013. Russ served on the IAB from March 2007 to March 2017, and he served as IAB Chair from March 2013 to March 2015. Russ served as a member of the Internet Research Steering Group (IRSG) from May 2013 to March 2017. Russ served as Security Area Director from March 2003 to March 2007. His security research and standards interests include security protocols, certificate management, cryptographic key distribution, and high assurance design and development practices. In November 2004, Russ was recognized by the IEEE 802.11 working group for his contributions to IEEE 802.11i-2004, which fixes the severe security shortcoming of the Wired Equivalent Privacy (WEP). Russ received his B.S. in computer science from Virginia Tech in 1982, and he received his M.S. in computer science from George Mason University in 1992.
Roles
Chair of Software Updates for Internet of Things (suit) | housley@vigilsec.com |
Chair of IP Wireless Access in Vehicular Environments (ipwave) | housley@vigilsec.com |
Chair of Limited Additional Mechanisms for PKIX and SMIME (lamps) | housley@vigilsec.com |
Chair of Community Coordination Group (ccg) | housley@vigilsec.com |
Chair of Secure Telephone Identity Revisited (stir) | housley@vigilsec.com |
Liaison Manager for IEEE-SA (ieee-sa) | housley@vigilsec.com |
Member of IANA (iana-evolution) | housley@vigilsec.com |
Member of Liaison Oversight (liaison-oversight) | housley@vigilsec.com |
Member of The Tools Team (tools) | housley@vigilsec.com |
Reviewer in Security Area Directorate (secdir) | housley@vigilsec.com |
Reviewer in General Area Review Team (Gen-ART) (genart) | housley@vigilsec.com |
Reviewer in Internet of Things Directorate (iotdir) | housley@vigilsec.com |
RFCs (98)
rfc1457 | May 1993 | Security Label Framework for the Internet Cited by 2 RFCs |
rfc2459 | Jan 1999 | Internet X.509 Public Key Infrastructure Certificate and CRL Profile Cited by 45 RFCs |
rfc2528 | Mar 1999 | Internet X.509 Public Key Infrastructure Representation of Key Exchange Algorithm (KEA) Keys in Internet X.509 Public Key Infrastructure Certificates Cited by 3 RFCs |
rfc2585 | May 1999 | Internet X.509 Public Key Infrastructure Operational Protocols: FTP and HTTP Cited by 24 RFCs |
rfc2630 | Jun 1999 | Cryptographic Message Syntax Cited by 47 RFCs |
rfc2773 | Feb 2000 | Encryption using KEA and SKIPJACK Cited by 3 RFCs |
rfc2943 | Sep 2000 | TELNET Authentication Using DSA Cited by 1 RFC |
rfc2951 | Sep 2000 | TELNET Authentication Using KEA and SKIPJACK Cited by 1 RFC |
rfc3217 | Dec 2001 | Triple-DES and RC2 Key Wrapping Cited by 5 RFCs |
rfc3279 | May 2002 | Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile Cited by 54 RFCs |
rfc3280 | May 2002 | Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile Cited by 103 RFCs |
rfc3281 | May 2002 | An Internet Attribute Certificate Profile for Authorization Cited by 24 RFCs |
rfc3369 | Sep 2002 | Cryptographic Message Syntax (CMS) Cited by 16 RFCs |
rfc3370 | Sep 2002 | Cryptographic Message Syntax (CMS) Algorithms Cited by 43 RFCs |
rfc3378 | Sep 2002 | EtherIP: Tunneling Ethernet Frames in IP Datagrams |
rfc3379 | Sep 2002 | Delegated Path Validation and Delegated Path Discovery Protocol Requirements Cited by 3 RFCs |
rfc3394 | Oct 2002 | Advanced Encryption Standard (AES) Key Wrap Algorithm Cited by 25 RFCs |
rfc3537 | May 2003 | Wrapping a Hashed Message Authentication Code (HMAC) key with a Triple-Data Encryption Standard (DES) Key or an Advanced Encryption Standard (AES) Key Cited by 3 RFCs |
rfc3560 | Jul 2003 | Use of the RSAES-OAEP Key Transport Algorithm in Cryptographic Message Syntax (CMS) Cited by 12 RFCs |
rfc3610 | Sep 2003 | Counter with CBC-MAC (CCM) Cited by 17 RFCs |
rfc3686 | Jan 2004 | Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP) Cited by 23 RFCs |
rfc3709 | Feb 2004 | Internet X.509 Public Key Infrastructure: Logotypes in X.509 Certificates Cited by 2 RFCs |
rfc3770 | May 2004 | Certificate Extensions and Attributes Supporting Authentication in Point-to-Point Protocol (PPP) and Wireless Local Area Networks (WLAN) Cited by 2 RFCs |
rfc3852 | Jul 2004 | Cryptographic Message Syntax (CMS) Cited by 68 RFCs |
rfc3874 | Sep 2004 | A 224-bit One-way Hash Function: SHA-224 Cited by 7 RFCs |
rfc4049 | Apr 2005 | BinaryTime: An Alternate Format for Representing Date and Time in ASN.1 Cited by 3 RFCs |
rfc4055 | Jun 2005 | Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile Cited by 39 RFCs |
rfc4073 | May 2005 | Protecting Multiple Contents with the Cryptographic Message Syntax (CMS) Cited by 8 RFCs |
rfc4107 | Jun 2005 | Guidelines for Cryptographic Key Management Cited by 62 RFCs |
rfc4108 | Aug 2005 | Using Cryptographic Message Syntax (CMS) to Protect Firmware Packages Cited by 15 RFCs |
rfc4309 | Dec 2005 | Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP) Cited by 15 RFCs |
rfc4325 | Dec 2005 | Internet X.509 Public Key Infrastructure Authority Information Access Certificate Revocation List (CRL) Extension Cited by 1 RFC |
rfc4334 | Feb 2006 | Certificate Extensions and Attributes Supporting Authentication in Point-to-Point Protocol (PPP) and Wireless Local Area Networks (WLAN) Cited by 5 RFCs |
rfc4630 | Aug 2006 | Update to DirectoryString Processing in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile Cited by 3 RFCs |
rfc4705 | Oct 2006 | GigaBeam High-Speed Radio Link Encryption Cited by 1 RFC |
rfc4853 | Apr 2007 | Cryptographic Message Syntax (CMS) Multiple Signer Clarification Cited by 2 RFCs |
rfc4962 | Jul 2007 | Guidance for Authentication, Authorization, and Accounting (AAA) Key Management Cited by 37 RFCs |
rfc5008 | Sep 2007 | Suite B in Secure/Multipurpose Internet Mail Extensions (S/MIME) Cited by 2 RFCs |
rfc5055 | Dec 2007 | Server-Based Certificate Validation Protocol (SCVP) Cited by 11 RFCs |
rfc5083 | Nov 2007 | Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data Content Type Cited by 25 RFCs |
rfc5084 | Nov 2007 | Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS) Cited by 14 RFCs |
rfc5280 | May 2008 | Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile Cited by 252 RFCs |
rfc5430 | Mar 2009 | Suite B Profile for Transport Layer Security (TLS) Cited by 3 RFCs |
rfc5480 | Mar 2009 | Elliptic Curve Cryptography Subject Public Key Information Cited by 34 RFCs |
rfc5485 | Mar 2009 | Digital Signatures on Internet-Draft Documents Cited by 4 RFCs |
rfc5649 | Sep 2009 | Advanced Encryption Standard (AES) Key Wrap with Padding Algorithm Cited by 13 RFCs |
rfc5652 | Sep 2009 | Cryptographic Message Syntax (CMS) Cited by 115 RFCs |
rfc5742 | Dec 2009 | IESG Procedures for Handling of Independent and IRTF Stream Submissions Cited by 25 RFCs |
rfc5755 | Jan 2010 | An Internet Attribute Certificate Profile for Authorization Cited by 14 RFCs |
rfc5756 | Jan 2010 | Updates for RSAES-OAEP and RSASSA-PSS Algorithm Parameters Cited by 2 RFCs |
rfc5781 | Feb 2010 | The rsync URI Scheme Cited by 13 RFCs |
rfc5877 | May 2010 | The application/pkix-attr-cert Media Type for Attribute Certificates Cited by 1 RFC |
rfc5878 | May 2010 | Transport Layer Security (TLS) Authorization Extensions Cited by 4 RFCs |
rfc5914 | Jun 2010 | Trust Anchor Format Cited by 11 RFCs |
rfc5934 | Aug 2010 | Trust Anchor Management Protocol (TAMP) Cited by 9 RFCs |
rfc5940 | Aug 2010 | Additional Cryptographic Message Syntax (CMS) Revocation Information Choices Cited by 1 RFC |
rfc6010 | Sep 2010 | Cryptographic Message Syntax (CMS) Content Constraints Extension Cited by 8 RFCs |
rfc6019 | Sep 2010 | BinaryTime: An Alternate Format for Representing Date and Time in ASN.1 Cited by 7 RFCs |
rfc6031 | Dec 2010 | Cryptographic Message Syntax (CMS) Symmetric Key Package Content Type Cited by 9 RFCs |
rfc6032 | Dec 2010 | Cryptographic Message Syntax (CMS) Encrypted Key Package Content Type Cited by 7 RFCs |
rfc6170 | May 2011 | Internet X.509 Public Key Infrastructure -- Certificate Image Cited by 1 RFC |
rfc6318 | Jun 2011 | Suite B in Secure/Multipurpose Internet Mail Extensions (S/MIME) Cited by 2 RFCs |
rfc6360 | Aug 2011 | Conclusion of FYI RFC Sub-Series Cited by 2 RFCs |
rfc6410 | Oct 2011 | Reducing the Standards Track to Two Maturity Levels Cited by 275 RFCs |
rfc6460 | Jan 2012 | Suite B Profile for Transport Layer Security (TLS) Cited by 4 RFCs |
rfc6852 | Jan 2013 | Affirmation of the Modern Paradigm for Standards Cited by 1 RFC |
rfc7020 | Aug 2013 | The Internet Numbers Registry System Cited by 6 RFCs |
rfc7036 | Oct 2013 | Object Identifier Registry for the Long-Term Archive and Notary Services (LTANS) Working Group |
rfc7107 | Jan 2014 | Object Identifier Registry for the S/MIME Mail Security Working Group Cited by 2 RFCs |
rfc7191 | Apr 2014 | Cryptographic Message Syntax (CMS) Key Package Receipt and Error Content Types Cited by 4 RFCs |
rfc7193 | Apr 2014 | The application/cms Media Type Cited by 3 RFCs |
rfc7210 | Apr 2014 | Database of Long-Lived Symmetric Cryptographic Keys Cited by 5 RFCs |
rfc7229 | May 2014 | Object Identifiers for Test Certificate Policies Cited by 1 RFC |
rfc7249 | May 2014 | Internet Numbers Registries Cited by 4 RFCs |
rfc7299 | Jul 2014 | Object Identifier Registry for the PKIX Working Group Cited by 2 RFCs |
rfc7500 | Apr 2015 | Principles for Operation of Internet Assigned Numbers Authority (IANA) Registries Cited by 1 RFC |
rfc7696 | Nov 2015 | Guidelines for Cryptographic Algorithm Agility and Selecting Mandatory-to-Implement Algorithms Cited by 17 RFCs |
rfc7760 | Jan 2016 | Statement of Work for Extensions to the IETF Datatracker for Author Statistics |
rfc7906 | Jun 2016 | NSA's Cryptographic Message Syntax (CMS) Key Management Attributes |
rfc7979 | Aug 2016 | Response to the IANA Stewardship Transition Coordination Group (ICG) Request for Proposals on the IANA Protocol Parameters Registries Cited by 1 RFC |
rfc8090 | Feb 2017 | Appointment Procedures for the IETF Representatives to the Community Coordination Group (CCG) |
rfc8103 | Feb 2017 | Using ChaCha20-Poly1305 Authenticated Encryption in the Cryptographic Message Syntax (CMS) |
rfc8358 | Mar 2018 | Update to Digital Signatures on Internet-Draft Documents |
rfc8399 | May 2018 | Internationalization Updates to RFC 5280 |
rfc8418 | Aug 2018 | Use of the Elliptic Curve Diffie-Hellman Key Agreement Algorithm with X25519 and X448 in the Cryptographic Message Syntax (CMS) Cited by 2 RFCs |
rfc8419 | Aug 2018 | Use of Edwards-Curve Digital Signature Algorithm (EdDSA) Signatures in the Cryptographic Message Syntax (CMS) Cited by 2 RFCs |
rfc8423 | Jul 2018 | Reclassification of Suite B Documents to Historic Status |
rfc8591 | Apr 2019 | SIP-Based Messaging with S/MIME |
rfc8619 | Jun 2019 | Algorithm Identifiers for the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) Cited by 1 RFC |
rfc8649 | Aug 2019 | Hash Of Root Key Certificate Extension |
rfc8696 | Dec 2019 | Using Pre-Shared Key (PSK) in the Cryptographic Message Syntax (CMS) |
rfc8708 | Feb 2020 | Use of the HSS/LMS Hash-Based Signature Algorithm in the Cryptographic Message Syntax (CMS) |
rfc8720 | Feb 2020 | Principles for Operation of Internet Assigned Numbers Authority (IANA) Registries |
rfc8729 | Feb 2020 | The RFC Series and RFC Editor |
rfc8773 | Mar 2020 | TLS 1.3 Extension for Certificate-Based Authentication with an External Pre-Shared Key |
rfc8778 | Apr 2020 | Use of the HSS/LMS Hash-Based Signature Algorithm with CBOR Object Signing and Encryption (COSE) |
rfc8862 | Jan 2021 | Best Practices for Securing RTP Media Signaled with SIP Cited by 1 RFC |
rfc8933 | Oct 2020 | Update to the Cryptographic Message Syntax (CMS) for Algorithm Identifier Protection |
Active Drafts (11)
- draft-ietf-lamps-crmf-update-algs
- draft-ietf-lamps-cms-aes-gmac-alg
- draft-ietf-cose-countersign
- draft-ietf-tls-external-psk-guidance
- draft-ietf-netconf-sztp-csr
- draft-ietf-opsawg-finding-geofeeds
- draft-ietf-sidrops-aspa-profile
- draft-santesson-svt-xml
- draft-santesson-svt-pdf
- draft-santesson-svt
- draft-ymbk-opsawg-finding-geofeeds
Expired Drafts excluding replaced drafts
- draft-cooper-shmo-questions
- draft-ietf-iasa2-rfc6702-bis
- draft-rhrd-tls-tls13-visibility
- draft-green-tls-static-dh-in-tls13
- draft-housley-lamps-cms-sha3-hash
- draft-iab-web-pki-problems
- draft-housley-rfc-and-id-signatures
- draft-housley-spasm-eku-constraints
- draft-ietf-ntp-cms-for-nts-message
- draft-hardie-iaoc-iab-update
- draft-housley-implementer-obligations
- draft-kolkman-iasa-ex-officio-membership
- draft-handt-sacm-alternate-architecture
- draft-handt-sacm-asset-identifiers
- draft-ymbk-ta-publication
- draft-polk-saag-rtg-auth-keytable
- draft-housley-evidence-extns
- draft-housley-pkix-ecc-pkalgs-ecdsa
- draft-housley-mass-sec-review
- draft-jwalker-eap-archie
- draft-walker-aaa-key-distribution
- draft-ietf-smime-ira
- draft-ietf-cat-ftpdsaauth
- draft-hoffman-des40
- draft-balenson-secure-email
- draft-ietf-pkix-ipki