M3AAWG Senior Technical Advisors are highly respected experts chosen for their skills and industry proficiency who assist the committees in their work and often provide new ideas and perspectives at M3AAWG meetings.
Richard Clayton, Ph.D., Security Researcher, University of Cambridge
Richard Clayton led the team that developed Turnpike, one of the earliest integrated Internet access packages for Windows, giving access to email and Usenet over dialup links. In 1995 his software house was sold to Demon Internet, then the U.K.'s largest ISP. He worked for Demon in various troubleshooting and regulatory roles until 2000, when he returned to the University of Cambridge to study for a PhD. His thesis was completed in 2005, and he has stayed on as an academic "because it is more fun than working." He is currently collaborating with the U.K.'s National Physical Laboratory in a three-year project to develop metrics for Internet security mechanisms.
Dr. Clayton has edited many of LINX's BCP (Best Current Practices) documents, which include some of the earliest formal statements of the terms and conditions that ISPs must impose to ensure that they can deal with abuse of email systems; and in 2007 he became the second recipient of LINX's "Conspicuous Contribution" award.
Dave Crocker, Brandenburg InternetWorking, Principal
David H. Crocker is a principal with Brandenburg InternetWorking. He develops network-based applications businesses and designs system architectures for them. He worked in the ARPANet community during the 1970s, and led product development efforts during the 1980s. During the Internet bubble he founded several startup companies, serving as CEO for one.
Over the years, Mr. Crocker has developed and operated two national email services, designed two others, and was CEO of a community non-profit ISP. His senior management product efforts cover email clients and servers, core protocol stacks for TCP/IP and OSI, network management control stations, and knowledge management tools for product support.
He is a co-recipient of the 2004 IEEE Internet award for his work on email. Mr. Crocker has been leading and authoring Internet standards for thirty years, covering Internet mail, instant messaging, facsimile and EDI. He has also contributed to work on Internet security, ecommerce, domain name service, emergency services, and even some TCP and IP enhancements. He has authored more than 50 IETF Requests For Comments. Mr. Crocker served as an Area Director for the Internet Engineering Task Force, variously overseeing network management, middleware and the IETF standards process. Mr. Crocker's recent efforts include work on the multiple email anti-abuse techniques of DKIM, CSV and BATV. He served on the CEAS 2006 executive committee and on the iTrust 2006 program committee. Mr. Crocker has a B.A. in psychology from UCLA, M.A. from the Annenberg School of Communications at USC, and he studied computer science at the University of Delaware.
David Dagon, Ph.D.
David received a J.D. from Florida State University College of Law, and completed his Ph.D in Computer Science at the Georgia Institute of Technology. He has authored numerous papers in premier academic conferences and has studied botnets as part of his Ph.D. research. He was involved with the development of a successful startup (ClickFox, LLP), and is the inventor of their patented technology.
Stephen Farrell, Ph.D., Trinity College Dublin
Dr. Stephen Farrell is a research fellow in the department of Computer Science at Trinity College Dublin (www.tcd.ie), where he teaches and researches on security and delay/disruption-tolerant networking (DTN). In 2006 he co-authored the first book on the latter topic. Dr. Farrell has been involved in Internet standards for more than a decade and has been an IETF security area director since 2011. He also co-chairs the IRTF Delay Tolerant Networking Research Group (www.dtnrg.org) and is co-founder of Tolerant Networks Limited, a TCD campus company.
John R. Levine, Ph.D., Taughannock Networks, Founder
Dr. John R. Levine is a long-term participant in mail standards and mail anti-abuse efforts. He chairs the IRTF Anti-Spam Research Group and sits on the board of the Coalition Against Unsolicited Commercial E-mail (CAUCE North America). He has written many books including the popular Internet for Dummies, Fighting Spam for Dummies, Windows Vista: the Complete Reference, and qmail.
Dr. Levine has been in the program committee of each of the CEAS conferences, and is active in the design and testing of emerging anti-spam and authentication technologies including: DKIM, BATV, CSV, and ARF. He is a co-founder and director of the Domain Assurance Council, an industry consortium creating open standards for domain certification. Dr. Levine has a B.A. and Ph.D. in Computer Science from Yale University. His other computing interests include compilers; he co-authored the classic lex & yacc and has moderated comp.compilers, the usenet group which is the world's most popular forum on the topic, since 1986.
April Lorenzen, Dissect Cyber Inc.
An Internet security researcher specializing in the preemptive discovery of miscreant and crimeware resources in the domain name system, April Lorenzen has established Web reputation and anti-malware data collection systems and taught data mining and data interpretation techniques. She developed systems to eliminate millions of false negatives from the mail stream and produced data visualizations of the entire IPv4 space as a 3D bar chart of /16 CIDR blocks mapping data points such as fastflux DNS, non-proxy recursive DNS resolvers, and CBL listed IP address density.
Ms. Lorenzen is also the primary architect of the ZoneCruncher tools known as April's Cool Tools that are often used by law enforcement, Internet security firms, anti-spam and academic researchers. She works with organizations involved in Internet data analysis, including CAIDA at the UC San Diego Super Computing Center Spamhaus, the Internet Software Consortium's Security Information Exchange, REN-ISAC and SURBL. As a frequent speaker at international ISP, law enforcement and security industry conferences, she shares her expertise to help organizations contain malware and spam. Ms. Lorenzen has presented at the Anti-Phishing Working Group, Internet2, Internet Security Operations Task Force, and M3AAWG, and is a recipient of the National Cyber-Forensics & Training Alliance award for "Outstanding Support in the On-Going Battle Against Cybercrime."
Joe St Sauver, Ph.D., Farsight Security, Inc.
A distributed system scientist with Dr. Paul Vixie's new data-driven security company, Farsight Security, Inc., Joe St Sauver, Ph.D. previously worked for the Computing Center/Information Services at the University of Oregon on the Internet2/InCommon program for roughly 28 years. He served as Internet2's Nationwide Security Programs Manager and was responsible under a UO contract for the InCommon Certificate Service and Multifactor Program.
Dr. St Sauver is active in a number of cyber security efforts, including serving as co-chair of the M3AAWG Identity Management SIG. He also serves as a strategic advisor and professional member of the Online Trust Alliance (OTA); is on the Coalition Against Unsolicited Email (CAUCE) Board; is a community representative for the Broadband Internet Technical Advisory Group (BITAG); and is a member of the Research and Education Information Sharing and Analysis Center Technical Advisory Group (REN-ISAC TAG). Dr. St Sauver has also been appointed a Courtesy Associate Professor with the Network Startup Resource Center (NSRC) at the University of Oregon, where he provides advice on international cyber security- and privacy-related topics.
Dr. St Sauver routinely writes and presents on a wide range of cyber security topics, including traffic analysis, the future of advanced academic networking, SNMP security, cryptography, multifactor authentication, botnet metrics, security architectures, PKI/client certificates, SOPA/PIPA, malware analysis, SSL certificates, physical security, disaster recovery, cloud computing security, securing mobile devices, the botnet problem in India, registrars and malicious domains, DNS Security and DNSSEC, and IPv6 security, among many others. These and other talks can be found at https://www.stsauver.com/joe/