Home Senior Technical Advisors

M3AAWG Senior Technical Advisors are highly respected experts chosen for their skills and industry proficiency who assist the committees in their work and often provide new ideas and perspectives at M3AAWG meetings.

Richard Clayton, Ph.D., Security Researcher, University of Cambridge


Richard Clayton led the team that developed Turnpike, one of the earliest integrated Internet access packages for Windows, giving access to email and Usenet over dialup links. In 1995 his software house was sold to Demon Internet, then the U.K.'s largest ISP. He worked for Demon in various troubleshooting and regulatory roles until 2000, when he returned to the University of Cambridge to study for a PhD. His thesis was completed in 2005, and he has stayed on as an academic "because it is more fun than working." He is currently collaborating with the U.K.'s National Physical Laboratory in a three-year project to develop metrics for Internet security mechanisms.

Dr. Clayton has edited many of LINX's BCP (Best Current Practices) documents, which include some of the earliest formal statements of the terms and conditions that ISPs must impose to ensure that they can deal with abuse of email systems; and in 2007 he became the second recipient of LINX's "Conspicuous Contribution" award.

Dave Crocker, Brandenburg InternetWorking, Principal


David H. Crocker is a principal with Brandenburg InternetWorking. He develops network-based applications businesses and designs system architectures for them. He worked in the ARPANet community during the 1970s, and led product development efforts during the 1980s. During the Internet bubble he founded several startup companies, serving as CEO for one.

Over the years, Mr. Crocker has developed and operated two national email services, designed two others, and was CEO of a community non-profit ISP. His senior management product efforts cover email clients and servers, core protocol stacks for TCP/IP and OSI, network management control stations, and knowledge management tools for product support.

He is a co-recipient of the 2004 IEEE Internet award for his work on email. Mr. Crocker has been leading and authoring Internet standards for thirty years, covering Internet mail, instant messaging, facsimile and EDI. He has also contributed to work on Internet security, ecommerce, domain name service, emergency services, and even some TCP and IP enhancements. He has authored more than 50 IETF Requests For Comments. Mr. Crocker served as an Area Director for the Internet Engineering Task Force, variously overseeing network management, middleware and the IETF standards process. Mr. Crocker's recent efforts include work on the multiple email anti-abuse techniques of DKIM, CSV and BATV. He served on the CEAS 2006 executive committee and on the iTrust 2006 program committee. Mr. Crocker has a B.A. in psychology from UCLA, M.A. from the Annenberg School of Communications at USC, and he studied computer science at the University of Delaware.

Stephen Farrell, Ph.D., Trinity College Dublin

Dr. Stephen Farrell is a research fellow in the department of Computer Science at Trinity College Dublin (www.tcd.ie), where he teaches and researches on security and delay/disruption-tolerant networking (DTN). In 2006 he co-authored the first book on the latter topic. Dr. Farrell has been involved in Internet standards for more than a decade and has been an IETF security area director since 2011. He also co-chairs the IRTF Delay Tolerant Networking Research Group (www.dtnrg.org) and is co-founder of Tolerant Networks Limited, a TCD campus company.

John R. Levine, Ph.D., Taughannock Networks, Founder


Dr. John R. Levine is a long-term participant in mail standards and mail anti-abuse efforts. He chairs the IRTF Anti-Spam Research Group and sits on the board of the Coalition Against Unsolicited Commercial E-mail (CAUCE North America). He has written many books including the popular Internet for Dummies, Fighting Spam for Dummies, Windows Vista: the Complete Reference, and qmail.

Dr. Levine has been in the program committee of each of the CEAS conferences, and is active in the design and testing of emerging anti-spam and authentication technologies including: DKIM, BATV, CSV, and ARF. He is a co-founder and director of the Domain Assurance Council, an industry consortium creating open standards for domain certification. Dr. Levine has a B.A. and Ph.D. in Computer Science from Yale University. His other computing interests include compilers; he co-authored the classic lex & yacc and has moderated comp.compilers, the usenet group which is the world's most popular forum on the topic, since 1986.

April Lorenzen, Dissect Cyber Inc.


April Lorenzen is an internet security researcher specializing in the preemptive discovery of miscreant and crimeware resources in the domain name system. In her work as Chief Data Scientist at Zetalytics, she oversees one of the world's most geographically diverse passive DNS systems. She has operated IoC (Indicators of Compromise) security feeds continuously since 2004 and is the primary architect of the free open source data visualization tool "Mal4s.”

April is also active in the white hat community as a M3AAWG Senior Technical Advisor and as a Senior Research Fellow for the Anti-Phishing Working Group (APWG). She received the Global Impact award from the Department of Homeland Security S&T Cyber Security Division in 2016 and currently serves as the Principal Investigator for a critical infrastructure supply chain cybersecurity notification research project. She also has been appointed to serve on the Cyber Rhode Island Advisory Committee by the state’s Congressional representative. In 2006, April received an award for Outstanding Support in the Ongoing Battle Against Cyber Crime from the National Cyber Forensics Training Alliance (NCFTA).  She is a frequent trainer and speaker at international ISP, law enforcement and security industry conferences.

Joe St Sauver, Ph.D., Farsight Security, Inc.

stsauver@fsi.io (work) / joe@stsauver.com

A scientist with Dr. Paul Vixie's data-driven security company, Farsight Security, Inc., Joe St Sauver, Ph.D. previously worked for the Computing Center/Information Services at the University of Oregon on the Internet2/InCommon program for roughly 28 years. He served as Internet2's Nationwide Security Programs Manager and was responsible under a UO contract for the InCommon Certificate Service and Multifactor Program.

Dr. St Sauver is active in a number of cyber security efforts, including serving as co-chair of the M3AAWG Identity Management SIG.  He also advises the Global Cyber Alliance and Cybergreen, and is on the Coalition Against Unsolicited Email (CAUCE) Board. He is a member of the Research and Education Network Information Sharing and Analysis Center Technical Advisory Group (REN-ISAC TAG).

Dr. St Sauver routinely writes and presents on a wide range of cyber security topics, including traffic analysis, the future of advanced academic networking, SNMP security, cryptography, multifactor authentication, botnet metrics, security architectures, PKI/client certificates, SOPA/PIPA, malware analysis, SSL certificates, physical security, disaster recovery, cloud computing security, securing mobile devices, the botnet problem in India, registrars and malicious domains, DNS Security and DNSSEC, and IPv6 security, among many others.  These and other talks can be found at https://www.stsauver.com/joe/