Industry Specification Group (ISG) Encrypted Traffic Integration (ETI)
ISG ETI develops Group Specifications (GS) and Group Reports (GR) that define requirements and identify the use cases of Encrypted Traffic Integration techniques to mitigate against threats to networks and users arising from the deployment of encrypted traffic. The group will define detailed specifications of mitigation measures with a view to their further development in ETSI Technical Committees that are identified as appropriate for their adoption.
As a pre-standardization activity, the ISG ETI intends to frame the security concerns arising from widespread adoption of encryption by default in networks and to build the foundation of a longer-term response to the threats from the “encrypted by default” paradigm. In addition, ISG ETI is looking at the regulatory impact of the "encrypted by default" paradigm and has added a specific work item to provide guidance to support implementation of the EU "Council Resolution on Encryption Security through encryption and security despite encryption" that was adopted on 14 December 2020.
The underlying rationale for ISG ETI is that a paradigm of "encrypted by default" has been adopted by many network and service providers without taking due account of any threats to network resilience and security. The network management oversight that is accepted for non-encrypted traffic may be lost when an all encrypted paradigm is adopted. The aim of ISG ETI is to be able to better describe the issues and to establish essential requirements to allow for the integration of such traffic to all aspects of network operation. The scope of the problem that ISG ETI is set to solve is addressed in the published ETSI report ISG ETI 001. An active and regularly updated overview of the work of ISG ETI and an insight to the impacted ecosystem is maintained on the ISG ETI Wiki.