RFC 3365: Strong security requirements for internet engineering task force standards protocols
August 2002
Standards
Summary
The purpose of this document is to outline the IETF consensus on security requirements for protocols and to provide the background and motivation for these requirements.
The Internet is a global network composed of independently managed networks and hosts. As such, there is no central authority responsible for the operation of the network, nor is there a central authority responsible for providing security across the network.
Security must be implemented end-to-end or host-to-host. The IETF’s role in security is to ensure that IETF standard protocols include the necessary features to provide appropriate security for applications as they may be used across the Internet. Mandatory-to-implement mechanisms should offer adequate security to protect sensitive business applications.