File formats:

Status:

INFORMATIONAL

Authors:

S. Bellovin, Ed.
J. Schiller, Ed.
C. Kaufman, Ed.

Stream:

IAB

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC3631

Discuss this RFC: Send questions or comments to the mailing list iab@iab.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 3631

Abstract

Security must be built into Internet Protocols for those protocols to offer their services securely. Many security problems can be traced to improper implementations. However, even a proper implementation will have security problems if the fundamental protocol is itself exploitable. Exactly how security should be implemented in a protocol will vary, because of the structure of the protocol itself. However, there are many protocols for which standard Internet security mechanisms, already developed, may be applicable. The precise one that is appropriate in any given situation can vary. We review a number of different choices, explaining the properties of each.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.