Wednesday, April 18, 2018


As many of you likely already know, yesterday the House of Representatives Committee on Energy and Commerce held a hearing on Internet prioritization. During that hearing, BITAG’s 2015 report on differentiated treatment of Internet traffic was entered into the record (http://docs.house.gov/meetings/IF/IF16/20180417/108168/HHRG-115-IF16-20180417-SD103-U103.pdf).  The BITAG report touches upon many different aspects of how Internet traffic can receive differential treatment, and gives a set of observations and best practice recommendations. 

Now I do not want to weigh in to, or comment on, the substantive policy discussion that took place during yesterday’s hearing — as that is not BITAG’s remit nor expertise — but I do want to highlight how BITAG was first started in order to inject good consensus technical information into these related policy debates. Here, I am glad that our reports look to be continuing to help policymakers in this regard. 

BITAG is working hard to provide more of the same moving forward, and I can only encourage regulators, policymakers, and the public to make further use of our technical reports. 

Thursday, February 1, 2018

We find ourselves in a new regulatory landscape and I want to speak to how this might affect BITAG. Specifically, I want to discuss how the FCC has recently replaced the 2015 “Open Internet” Order with the “Restoring Internet Freedom” Order.  

This is the FCC’s third Order on the subject of network neutrality during BITAG’s existence – there was the 2010 Open Internet Order that was challenged and later struck down in part by the courts, then the 2015 Open Internet Order revised to withstand the legal challenges that plagued the first, and now the “Restoring Internet Freedom” Order, which repeals nearly the entirety of the regulatory regime put in place by the previous approaches.  As I write, various legal challenges to this latest Order are being prepared, as well as rumblings of different efforts within Congress to address the issue of the “open Internet.”

It is not BITAG’s place to opine on the legal underpinnings of these regulatory efforts, nor are the policy considerations something our engineers can rightly speak to with any expertise.  But we can speak to the technology that makes the network of networks that is the Internet work, and we are here to help everyone in these policy and regulatory debates understand the technical details. Furthermore, we have been here through each of the now three major related regulatory efforts.

Many of you know that BITAG started before the FCC’s first Open Internet Order in 2010, throughout the second Open Internet Order starting in 2015, and we are still going strong as of this latest iteration now in 2018.  The engineers at BITAG have come together time and again to reach consensus on specific network management techniques and practices, and to give best practice recommendations.  We continue to have a broad cross-section of participants from many different parts of the Internet ecosystem, companies that may be at odds or in disagreement in other forums but come together here to find what all of our different members can collectively come to agreement on. And as always, we give the results of our efforts freely to the public, policymakers and regulators, as well as industry, in the form of reports describing each issue and giving those recommendations.

There have been nine reports to date and we are currently working on our tenth report, focused on Internet data collection and privacy. BITAG’s other recent reports have addressed such topics as: Internet of Things (IoT) security and privacy recommendations, differentiated treatment of Internet traffic, interconnection and traffic exchange on the Internet, VoIP impairment and restrictions, real-time network management of Internet congestion, and port blocking, among others. Notably each of our previous reports had a strong trend towards transparency recommendations in addition to other relevant best practices.

BITAG has written detailed reports and given strong recommendations as to the specifics of managing Internet networks many times in the past and we will continue to do so under this new Order, as arguably this latest regulatory twist works to specifically address significantly less than previous Orders and allows for significantly more-varied types of actions than before. Whether you agree with the latest approach or not, from a practical perspective – and at least for the time being – we now seem to find ourselves in a regulatory environment that looks to allow for much more “gray area” within which norms and best practices must be agreed upon.  Thus from one perspective, a broad consensus-based set of technical recommendations on how to go about things would seem more important now than ever before.

Regardless, BITAG has a strong role to play in any regulatory environment, as the need for solid agreed-upon consensus technical information has not and will not go away. Policymakers are often not engineers, but they are making decisions involving complex technology and engineering. To make decisions that do not unintentionally break things, they need to have the best information possible.

BITAG will continue to provide this kind of assistance as the next chapter of how best to approach the Internet from a regulatory perspective unfolds.  Along these lines I also want to reiterate that we are hard at work on our latest effort – focused on Internet data collection and privacy, as mentioned, and which we hope to have finished and available in the next few months.  Further, we will remain ready to assist policymakers and the public in understanding the technical underpinnings of other Internet-related issues as they arise.

Tuesday, August 1, 2017

BITAG’s most recent Internet of Things (IoT) technical report examined the tremendous advances in IoT and highlighted important new security and privacy risks.  The IoT report has a number of observations and recommendations that include:
  • IoT device best practices for current software packages and secure software updates
  • Best practices for authentication
  • Best practices for security and cryptography
  • Secure service disruption policies
  • The IoT supply chain role in addressing IoT security and privacy issues

I understand the recent jointly proposed legislation from Senators Cory Gardner and Mark Warner incorporates some of the recommendations we made. To the extent that the legislation comports with the recommendations in the BITAG IoT report, I see this as movement in a positive direction. I am encouraged to see legislators and policymakers work toward implementing BITAG recommendations and other security and privacy provisions to ensure that consumers enjoy the benefits of IoT while at the same time protecting the networks involved.



Doug


Douglas C. Sicker
Executive Director
Chair of the Technical Working Group
Broadband Internet Technical Advisory Group (BITAG)
dsicker@bitag.org

Tuesday, May 16, 2017

"WannaCry" Ransomware attack & BITAG's Port Blocking Report


I want to comment on the recent “WannaCry” ransomware attack that has been spreading internationally over these past few days, as it is distressing to see an increase in these types of attacks on the infrastructure to which we are so dependent.

As part of our mission, and well-understood to many security researchers and practitioners at the time, BITAG warned about something along these lines back in 2013  when it came to port blocking best practices – at least in terms of malicious attack vectors. In our Port Blocking report, BITAG’s Technical Working Group listed out many well-known ports that are abused and issued consensus recommendations as to blocking them. We also recommended that ISPs disclose which ports they may block.

Ports 139 and 445, as well as other ports associated with NetBios – which from what I can gather are the ports being used by WannaCry (also being called “WanaCrypt” or “Wcry” it seems) – were among the specific ports we recommended blocking. BITAG also recommended a number of other best practices in this area.

I might suggest that BITAG members and others who implemented these port blocking best practices have been better positioned during this recent attack than those who had not and instead left these ports open. Further, network operators and IT teams that have been affected by this ransomware may want to review the rest of our Port Blocking report and consider taking protective actions beyond simply mitigating further spread of WannaCry, as this may help in the future.

Finally, I also recommend to your attention BITAG’s other reports and recommendations on various network management practices and techniques, including the most recent on IoT security and privacy recommendations, all of which can be found on our website at www.bitag.org.  Future reports will be posted there as well.


Doug

Executive Director and Chair of the Technical Working Group
Broadband Internet Technical Advisory Group (BITAG)

Thursday, December 1, 2016

BITAG Publishes Report: Internet of Things (IoT) Security and Privacy Recommendations

Last week we published our report on Internet of Things (IoT) Security and Privacy Recommendations. I am very pleased with this report as not only is it again a consensus report – representing agreement of the full group of participants in the effort (see the final section of the report for the list of those involved) – but it is quite timely. It seems as if hardly a week can go by without another security incident involving IoT devices.

There are more and more of these IoT devices, and as they proliferate, as the network reaches deeper and deeper into our every day lives (particularly into our homes), the risks involved in lax or inadequate security become ever greater. These risks are what BITAG’s report and recommendations are aimed at helping to address.

The report does a very good job of describing the issue, laying out many of the causes and pointing to possible solutions – through a set of observations and best practice recommendations.

Observations. From the combined experience of our participants, the group observes in the report:
    • Security Vulnerabilities Some IoT devices ship “from the factory” with software that either is outdated or becomes outdated over time. Other IoT devices may ship with more current software, but vulnerabilities may be discovered in the future. 
    • Insecure communications Many of the security functions designed for more general-purpose computing devices are difficult to implement on IoT devices and a number of security flaws have been identified in the field, including unencrypted communications and data leaks from IoT devices. 
    • Data leaks IoT devices may leak private user data, both from the cloud (where data is stored) and between IoT devices themselves. 
    • Susceptibility to malware infection and other abuse Malware and other forms of abuse can disrupt IoT device operations, gain unauthorized access, or launch attacks. 
    • Potential for service disruptionThe potential loss of availability or connectivity not only diminishes the functionality of IoT devices, but also may degrade the security of devices in some cases, such as when an IoT device can no longer function without such connectivity (e.g., a home alarm system deactivating if connectivity is lost). 
    • Potential that device security and privacy problems will persist IoT device security issues are likely to persist because many devices may never receive a software update, either because the manufacturer (or other party in the IoT supply chain, or IoT service provider) may not provide updates or because consumers may not apply the updates that are already available.
    • Device replacement may be an alternative for inexpensive or “disposable” devices – Certain IoT devices may be so inexpensive that updating software may be impractical or not cost-effective. In some cases then, replacing a device entirely may be an alternative to software updates. 
    • *Possible future role for in-home network technology – While not labeled an “observation” as such, the group did spend some time in this report discussing the potential future of in-home network technologies and what some of that might look like. 

Recommendations. The report then goes on to give a number of recommendations, many of which will not surprise those readers who are engineers. There is significantly more detail in the report, so I highly recommend reading the full report itself. At a high level though, the recommendations are:
    • IoT Devices Should:   
      • Use best current software practices 
      • Follow security & cryptography best practices, including:
        • Encrypt configuration(command & control) communications by default
        • Secure Communications to and from IoT controllers
        • Encrypt local storage of sensitive data
        • Authenticate communications, software changes, and requests for data
        • Use unique credentials for each device
        • Use credentials that can be updated 
        • Close unnecessary ports and disable unnecessary services 
        • Use libraries that are actively maintained and supported
      • Be restrictive rather than permissive in communicating 
      • Continue to function if Internet connectivity is disrupted or if cloud-backend fails.
      • Support addressing and naming best practices.  
      • Ship with a privacy policy that is easy to find and understand.
    • Disclose rights to remotely decrease IoT device functionality. 
    • The IoT device industry should consider a cybersecurity program.
    • The IoT supply chain should play their part in addressing security & privacy issues, which includes:  
      • Privacy policies 
      • Reset mechanisms 
      • Bug reporting systems 
      • Secure software supply chains
      • Support IoT Devices for their entire lifespan 
      • Clear contact methods 
      • Report discovery and remediation of vulnerabilities 
      • Clear vulnerability reporting processes

Now I have received many questions as to what the “most important” recommendation might be. Here, I want to emphasize how the report should be taken as a whole. It outlines the extent of the problem and gives a significant number of pointed observations that may not be intuitive to non-technical folks, then gives numerous detailed recommendations. In fact, if nothing else, I highly recommend that readers take both the observations and recommendations together and resist looking for a single one that is “most important.” This report and each of its recommendations represent a comprehensive approach to the serious security and privacy issues facing the IoT device ecosystem, and readers should focus on how each of the observations and recommendations fit together.

It is my hope that this report can help to “move the ball forward,” and work to improve the security and privacy of IoT devices as well as help to limit the costs associated with the collateral damage that might otherwise affect IoT device users, manufacturers and vendors, as well as ISPs and others. In short, IoT holds great promise – and BITAG wants to do its part to help IoT devices realize such.

Please feel free to contact me with any questions or comments on the report.
Thank you much,

Doug

Executive Director and Chair of the Technical Working Group
Broadband Internet Technical Advisory Group (BITAG)

Monday, October 15, 2012

BITAG Announces Retirement of Founding Executive Director, Dale Hatfield, and New Executive Director, Douglas Sicker


Denver, CO (October 15, 2012):  Today, the Broadband Internet Technical Advisory Group (BITAG) announced that Dale Hatfield, BITAG’s founding Executive Director, is stepping down from his position.  He will continue to work with BITAG in an advisory capacity.  BITAG also announced the appointment of Professor Douglas Sicker as its new Executive Director and Chair of the Technical Working Group.

Under Hatfield, an Adjunct Professor in the Interdisciplinary Telecommunications Program at the University of Colorado at Boulder and former Chief Technologist of the Federal Communications Commission, BITAG began operations and has issued three separate reports on various technical topics that affect Internet network management.  Hatfield said, “I am extremely pleased with the progress that we have made in creating a great multi-stakeholder organization that I think can serve as a model for further developments in Internet governance.  I cannot think of anyone better than Doug Sicker to lead BITAG into the future.”  

Sicker has held various positions in academia, industry and government.  In addition to his roles at BITAG, Sicker will continue as an endowed professor in the Department of Computer Science at the University of Colorado at Boulder with a joint appointment in the Interdisciplinary Telecommunications Program.  From 2009 to August 2012, Sicker served in a series of government positions.  Most recently, Sicker was the Chief Technology Officer and Senior Advisor for Spectrum at the National Telecommunications and Information Administration (NTIA).  Sicker also served as the Chief Technology Officer of the Federal Communications Commission (FCC) and prior to this served as a senior advisor on the FCC National Broadband Plan.  He has also served as Director of Global Architecture at Level 3 Communications and Chief of the Network Technology Division at the FCC.   Doug was involved in the early efforts to establish BITAG and its Technical Working Group TWG.  Sicker said, “Building upon what Dale has helped to create, I am confident in BITAG’s ability to take on increasingly challenging technical issues and I am looking forward to working with the members of the Technical Working Group to do so.”

Gigi B. Sohn, BITAG Board Chair and President and CEO of Public Knowledge, said, “BITAG is indebted to Dale for his service and efforts in building and leading the BITAG for the past 3 years.  In Doug Sicker the Board has found a leader with the professional background, personal integrity, and technical expertise to take on the most challenging technical issues related to network management.”

Questions should be directed to BITAG’s Deputy Director, Kaleb Sieh, at 303-720-7351 or ksieh@bitag.org.

Wednesday, August 1, 2012

BITAG Announces Publication of Report on SNMP DDoS Attacks

I am pleased to announce the publication of BITAG’s report on Simple Network Management Protocol Reflected Amplification Distributed Denial of Service Attack Mitigation , or “SNMP DDoS Attacks” for short. This technical report will give both technical and non-technical individuals alike insight into a problem beginning to be encountered by ISPs on their networks.

As described in the report, Internet service providers have begun to observe large-scale SNMP reflection attacks where subscriber devices can be used unwittingly to generate significant and sustained levels of traffic targeted against other networks or sites. These attacks can negatively affect service for the targets. The Report assesses the technical implications of such attacks and makes recommendations as to appropriate responses.

From my perspective as the Executive Director of BITAG, I am especially pleased with this report as it was the outcome of our first formal Review Request. A Review Request arises when a BITAG member has identified a technical issue and some potential solutions, but wishes to bring their proposed solution to the BITAG forum prior to implementation in order to solicit input from the rest of our Members. With our Members in turn representing a fairly broad cross-section of the Internet ecosystem, this report demonstrates what BITAG was designed to do. In short, BITAG was formed to look at the intended and unintended consequences of changes in network management techniques, to recommend best practices in implementation, or to recommend other less “harmful” alternatives if they are available. BITAG focuses on those techniques where implementation may have a differential impact or potentially anticompetitive effects on other players in the ecosystem.

SNMP DDoS Attacks is the third report produced by BITAG’s Technical Working Group (TWG) to date.  Our first report dealt with DNS Whitelisting, a technique used in the IPv6 transition, while our second report addressed Large Scale Network Address Translation (NAT), another technique used in the IPv6 transition.

The SNMP Report, including its recommendations, can be found at: http://www.bitag.org/report-snmp-ddos-attacks.php.

Wednesday, March 7, 2012

BITAG Announces Publication of Report on Large Scale Network Address Translation (NAT)

I am pleased to announce the publication of BITAG’s report on Large Scale Network Address Translation, or, as it is called among us engineers, Large Scale NAT or LSN.  I believe this technical report represents a valuable contribution that enables technical and non-technical individuals alike to better understand a particular management technique that is being used to ease the transition from IPv4 to IPv6.  It also further demonstrates the constructive role that BITAG can play in the Internet ecosystem.  IPv4 and IPv6 refer to addressing schemes that allow machines (computers) to find each other when a user types in something like “www.bitag.org.”  The shift from IPv4 to IPv6 is motivated by the rapid growth in the Internet and the associated increasing scarcity of traditional IPv4 addresses.  These two addressing techniques must coexist for some time as it is impractical to do a flash-cut change from the older format to the new IPv6 format.

Large Scale NAT (LSN) is just one technique being used to facilitate the transition from IPv4 to IPv6 and to reduce any frictions caused by the necessary coexistence of the two addressing systems.  This report is the second report produced by BITAG’s Technical Working Group (TWG). Our first report dealt with DNS Whitelisting, which is another technique used to address the IPv6 transition.

Simply stated, LSN allows a large number of IPv4 devices to share a single IPv4 address. This technique has existed for some time in local or private networks to, for example, allow a company’s IT department to rely upon and manage its own private address space but it is now being adopted on a widespread basis by network operators as a means of postponing the ultimate exhaustion of their IPv4 address space. 

What makes this topic especially interesting from my perspective as Executive Director of BITAG is that it is likely to affect many different categories of players in the Internet ecosystems: ISPs, end users, application providers, equipment vendors, content delivery networks, and third parties such as law enforcement agencies. BITAG was established on a multi-stakeholder basis to address changes in network management and other techniques that could have wide-ranging (and potentially negative) impacts on end users and the applications that they rely upon.  By providing an overview of how network operators plan to use LSN and how the technique could impact these and other interest groups, I believe that this Report will both (a) help stakeholders prepare for the wider implementation of LSN and to take actions that minimize the impact on end users and applications and (b) help inform policymakers and regulators of the motivations and trade-offs for the deployment of this technology. More fundamentally, I hope this Report will help smooth the transition to IPv6 and more generally help to reduce or preclude friction and/or conflict surrounding use of this technique among stakeholders.  This is important in terms of BITAG’s overall mission because some observers have expressed the concern that Large Scale NAT could be abused by parties for anti-competitive, discriminatory, or other non-technical purposes.

The LSN report, including its recommendations, can be found at: http://www.bitag.org/documents/BITAG_TWG_Report-Large_Scale_NAT.pdf.

Wednesday, September 21, 2011

BITAG Publishes First Report on DNS Whitelisting

Denver, CO (Sept. 21 2011):  The Broadband Internet Technical Advisory Group (“BITAG”), an organization created to develop consensus on broadband network management practices and other related technical issues that can affect users’ Internet experience, is pleased to announce the completion of its first Technical Review and publication of its first Technical Report, on the subject of DNS Whitelisting.  The Report can be found on the main page of the website at www.bitag.org.

DNS Whitelisting is intended as a means to smooth the global transition of Internet addressing from IPv4 to IPv6, to enable domains to gradually add IPv6 traffic, and/or to protect users from IPv6-related technical impairments. In DNS Whitelisting, Internet web sites or domains selectively return IPv6-related resource names from Domain Name System (“DNS”) servers. The authoritative server hands out different answers depending upon who is asking; for networks on the whitelist, requesters receive IPv4 and IPv6 DNS records, and for those not on the whitelist, requesters receive only IPv4 DNS records. This practice can have the effect of disabling a network (and as a consequence that network’s users) from accessing the domain’s content over IPv6.  

The possibility has been raised that the practice of whitelisting could be abused to accomplish non-technical objectives that could be viewed by some as anti-competitive, discriminatory, or violative of some other public policy objective.  

Dale Hatfield chaired the Whitelisting Review, and Jason Livingood, Executive Director of Internet Systems Engineering at Comcast and a Member of the Board of Trustees of the Internet Society (ISOC), was the lead editor of the Report. 
About BITAG. BITAG is a non-profit, multi-stakeholder organization focused on bringing together engineers and technologists in a Technical Working Group (TWG) to develop consensus on broadband network management practices and other related technical issues that can affect users’ Internet experience, including the impact to and from applications, content and devices that utilize the Internet.
BITAG’s mission includes: (a) educating policymakers on such technical issues; (b) addressing specific technical matters in an effort to minimize related policy disputes; and (c) serving as a sounding board for new ideas and network management practices. Specific TWG functions also may include: (i) identifying “best practices” by broadband providers and other entities; (ii) interpreting and applying “safe harbor” practices; (iii) otherwise providing technical guidance to industry and to the public; and/or (iv) issuing advisory opinions on the technical issues germane to the TWG’s mission that may underlie disputes concerning broadband network management practices.
BITAG TWG reports focus primarily on technical issues.  While the reports may touch on a broad range of questions associated with a particular network management practice, the reports are not intended to address or analyze in a comprehensive fashion the economic, legal, regulatory or public policy issues that the practice may raise. 
About BITAG’s Technical Review Process. BITAG’s core substantive work is performed through its Technical Working Group (TWG), which was formed with the core principles of being: technically driven, balanced, open, efficient, independent, and flexible. The TWG reviews technical issues brought to it through Review Requests submitted by both Members and non-Members, or through a majority weighted vote of the TWG engineers themselves. Each individual Review is taken up by a Committee of the TWG that is composed of engineers and other technical folks representing a broad cross section of the Internet ecosystem. TWG Committees generally operate on a consensus basis, with backstop weighted voting procedures so that when consensus cannot be achieved, each Member category has an equal say in the work product regardless of the composition of the Committee. Finally, BITAG was structured to work as expeditiously as possible, with each Committee operating under a 120-day “shot clock” to complete the respective Review and attendant technical report.


BITAG welcomes any questions, comments or suggestions. Please contact our Executive Director, Dale Hatfield, at dhatfield@bitag.org, or our Program Director, Kaleb A. Sieh, at ksieh@bitag.org. Also, for additional information please see our website at www.bitag.org.

BITAG Launches Second Technical Review on Large Scale Network Address Translation (Large Scale NAT)

Denver, CO (Sept. 21 2011):  The Broadband Internet Technical Advisory Group (“BITAG”), an organization created to develop consensus on broadband network management practices and other related technical issues that can affect users’ Internet experience, is pleased to announce the initiation of its second technical review, on the topic of Large Scale Network Address Translation (“Large Scale NAT”, “LSN” or “Carrier Grade NAT”) – an IPv6 transition technique.

BITAG’s second review will describe and analyze the deployment of Large Scale NAT equipment that allows a large number of IPv4-enabled end devices to share a single IPv4 address. Since publicly routable IPv4 addresses are becoming scarce, LSN allows enterprises, Internet Service Providers (ISPs), wireless providers, and other networks that serve large numbers of devices to extend the lifespan of IPv4 connectivity. 

In general, Network Address Translation (NAT) is known to “break” or impair a variety of Internet applications, and some problems with NAT are exacerbated by LSN. When LSN is used by ISPs to provide IPv4 connectivity, subscribers behind the LSN may not be able to run certain applications that subscribers with unique public IP addresses are able to run. Beyond the technical implications, this may yield cases with performance imbalances between High-Speed Internet Access services and other IP-based services offered on the network. 

Dale Hatfield, Executive Director of BITAG and Adjunct Professor in the Interdisciplinary Telecommunications Program at the University of Colorado at Boulder, will chair the second Review, and Charles R. Kalmanek, Vice President of Networking and Services at AT&T, will be the lead editor of the resulting report. This review, and its attendant report, has an estimated completion date of early January 2012.

About BITAG. BITAG is a non-profit, multi-stakeholder organization focused on bringing together engineers and technologists in a Technical Working Group (TWG) to develop consensus on broadband network management practices and other related technical issues that can affect users’ Internet experience, including the impact to and from applications, content and devices that utilize the Internet.
BITAG’s mission includes: (a) educating policymakers on such technical issues; (b) addressing specific technical matters in an effort to minimize related policy disputes; and (c) serving as a sounding board for new ideas and network management practices. Specific TWG functions also may include: (i) identifying “best practices” by broadband providers and other entities; (ii) interpreting and applying “safe harbor” practices; (iii) otherwise providing technical guidance to industry and to the public; and/or (iv) issuing advisory opinions on the technical issues germane to the TWG’s mission that may underlie disputes concerning broadband network management practices.
BITAG TWG reports focus primarily on technical issues.  While the reports may touch on a broad range of questions associated with a particular network management practice, the reports are not intended to address or analyze in a comprehensive fashion the economic, legal, regulatory or public policy issues that the practice may raise. 
About BITAG’s Technical Review Process. BITAG’s core substantive work is performed through its Technical Working Group (TWG), which was formed with the core principles of being: technically driven, balanced, open, efficient, independent, and flexible. The TWG reviews technical issues brought to it through Review Requests submitted by both Members and non-Members, or through a majority weighted vote of the TWG engineers themselves. Each individual Review is taken up by a Committee of the TWG that is composed of engineers and other technical folks representing a broad cross section of the Internet ecosystem. TWG Committees generally operate on a consensus basis, with backstop weighted voting procedures so that when consensus cannot be achieved, each Member category has an equal say in the work product regardless of the composition of the Committee. Finally, BITAG was structured to work as expeditiously as possible, with each Committee operating under a 120-day “shot clock” to complete the respective Review and attendant technical report.


BITAG welcomes any questions, comments or suggestions. Please contact our Executive Director, Dale Hatfield, at dhatfield@bitag.org, or our Program Director, Kaleb A. Sieh, at ksieh@bitag.org. Also, for additional information please see our website at www.bitag.org.