This memo documents the process currently used by the Internet community for the standardization of protocols and procedures. The Internet Standards process is an activity of the Internet Society that is organized and managed on behalf of the Internet community by the Internet Architecture Board (IAB) and the Internet Engineering Steering Group (IESG).

The Internet, a loosely-organized international collaboration of autonomous, interconnected networks, supports host-to-host communication through voluntary adherence to open protocols and procedures defined by Internet Standards. There are also many isolated interconnected networks, which are not connected to the global Internet but use the Internet Standards.

The Internet Standards Process described in this document is concerned with all protocols, procedures, and conventions that are used in or by the Internet, whether or not they are part of the TCP/IP protocol suite. In the case of protocols developed and/or standardized by non-Internet organizations, however, the Internet Standards Process normally applies to the application of the protocol or procedure in the Internet context, not to the specification of the protocol itself.

In general, an Internet Standard is a specification that is stable and well-understood, is technically competent, has multiple, independent, and interoperable implementations with substantial operational experience, enjoys significant public support, and is recognizably useful in some or all parts of the Internet.

In outline, the process of creating an Internet Standard is straightforward: a specification undergoes a period of development and several iterations of review by the Internet community and revision based upon experience, is adopted as a Standard by the appropriate body (see below), and is published. In practice, the process is more complicated, due to

1. the difficulty of creating specifications of high technical quality;
2. the need to consider the interests of all of the affected parties;
3. the importance of establishing widespread community consensus; and
4. the difficulty of evaluating the utility of a particular specification for the Internet community.

The procedures described in this document are designed to be fair, open, and objective; to reflect existing (proven) practice; and to be flexible.

o These procedures are intended to provide a fair, open, and objective basis for developing, evaluating, and adopting Internet Standards. They provide ample opportunity for participation and comment by all interested parties. At each stage of the standardization process, a specification is repeatedly discussed and its merits debated in open meetings and/or public electronic mailing lists, and it is made available for review via world-wide on-line directories.

o These procedures are explicitly aimed at recognizing and adopting generally-accepted practices. Thus, a candidate specification must be implemented and tested for correct operation and interoperability by multiple independent parties and utilized in increasingly demanding environments, before it can be adopted as

an Internet Standard.

o These procedures provide a great deal of flexibility to adapt to the wide variety of circumstances that occur in the standardization process. Experience has shown this flexibility to be vital in achieving the goals listed above.

The goal of technical competence, the requirement for prior implementation and testing, and the need to allow all interested parties to comment all require significant time and effort. On the other hand, today's rapid development of networking technology demands timely development of standards. The Internet Standards Process is intended to balance these conflicting goals. The process is believed to be as short and simple as possible without sacrificing technical excellence, thorough testing before adoption of a standard, or openness and fairness.

From its inception, the Internet has been, and is expected to remain, an evolving system whose participants regularly factor new requirements and technology into its design and implementation. Users of the Internet and providers of the equipment, software, and services that support it should anticipate and embrace this evolution as a major tenet of Internet philosophy.

• technical excellence
• prior implementation and testing
• clear, concise, and easily understood documentation
• openness and fairness and

• timeliness

Each distinct version of an Internet standards-related specification is published as part of the "Request for Comments" (RFC) document series. This archival series is the official publication channel for Internet standards documents and other publications of the IESG, IAB, and Internet community. RFCs can be obtained from a number of Internet hosts using anonymous FTP, gopher, World Wide Web, and other Internet document-retrieval systems.

The RFC series of documents on networking began in 1969 as part of the original ARPA wide-area networking (ARPANET) project (see Appendix A for glossary of acronyms). RFCs cover a wide range of topics in addition to Internet Standards, from early discussion of new research concepts to status memos about the Internet. RFC publication is the direct responsibility of the RFC Editor, under the general direction of the IAB.

During the development of a specification, draft versions of the document are made available for informal review and comment by placing them in the IETF's "Internet-Drafts" directory, which is replicated on a number of Internet hosts. This makes an evolving working document readily available to a wide audience, facilitating the process of review and revision.

An Internet-Draft that is published as an RFC, or that has remained unchanged in the Internet-Drafts directory for more than six months without being recommended by the IESG for publication as an RFC, is simply removed from the Internet-Drafts directory. At any time, an Internet-Draft may be replaced by a more recent version of the same specification, restarting the six-month timeout period.

An Internet-Draft is NOT a means of "publishing" a specification; specifications are published through the RFC mechanism described in the previous section. Internet-Drafts have no formal status, and are subject to change or removal at any time.

Note: It is acceptable to reference a standards-track specification that may reasonably be expected to be published as an RFC using the phrase "Work in Progress" without referencing an Internet-Draft. This may also be done in a standards track document itself as long as the specification in which the reference is made would stand as a complete and understandable document with or without the reference to the "Work in Progress".

Specifications subject to the Internet Standards Process fall into one of two categories: Technical Specification (TS) and Applicability Statement (AS).

A Technical Specification is any description of a protocol, service, procedure, convention, or format. It may completely describe all of the relevant aspects of its subject, or it may leave one or more parameters or options unspecified. A TS may be completely self- contained, or it may incorporate material from other specifications by reference to other documents (which might or might not be Internet Standards).

A TS shall include a statement of its scope and the general intent for its use (domain of applicability). Thus, a TS that is inherently specific to a particular context shall contain a statement to that effect. However, a TS does not specify requirements for its use within the Internet; these requirements, which depend on the particular context in which the TS is incorporated by different system configurations, are defined by an Applicability Statement.

An Applicability Statement specifies how, and under what circumstances, one or more TSs may be applied to support a particular Internet capability. An AS may specify uses for TSs that are not Internet Standards.

An AS identifies the relevant TSs and the specific way in which they are to be combined, and may also specify particular values or ranges of TS parameters or subfunctions of a TS protocol that must be implemented. An AS also specifies the circumstances in which the use of a particular TS is required, recommended, or elective .

An AS may describe particular methods of using a TS in a restricted "domain of applicability", such as Internet routers, terminal servers, Internet systems that interface to Ethernets, or datagram- based database servers.

The broadest type of AS is a comprehensive conformance specification, commonly called a "requirements document", for a particular class of Internet systems, such as Internet routers or Internet hosts.

An AS may not have a higher maturity level in the standards track than any standards-track TS on which the AS relies (see section 4.1). For example, a TS at Draft Standard level may be referenced by an AS at the Proposed Standard or Draft Standard level, but not by an AS at the Standard level.

An AS shall apply one of the following "requirement levels" to each of the TSs to which it refers:

(a) Required: Implementation of the referenced TS, as specified by the AS, is required to achieve minimal conformance. For example, IP and ICMP must be implemented by all Internet systems using the TCP/IP Protocol Suite.

(b) Recommended: Implementation of the referenced TS is not required for minimal conformance, but experience and/or generally accepted technical wisdom suggest its desirability in the domain of applicability of the AS. Vendors are strongly encouraged to include the functions, features, and protocols of Recommended TSs in their products, and should omit them only if the omission is justified by some special circumstance. For example, the TELNET protocol should be implemented by all systems that would benefit from remote access.

(c) Elective: Implementation of the referenced TS is optional within the domain of applicability of the AS; that is, the AS creates no explicit necessity to apply the TS. However, a particular vendor may decide to implement it, or a particular user example, the DECNET MIB could be seen as valuable in an environment where the DECNET protocol is used.

4. Limited Use: The TS is considered to be appropriate for use only in limited or unique circumstances.

For example, the usage of a protocol with the "Experimental" designation should generally be limited to those actively involved with the experiment.

(e) Not Recommended: A TS that is considered to be inappropriate for general use is labeled "Not Recommended ". This may be because of its limited functionality, specialized nature, or historic status.

Although TSs and ASs are conceptually separate, in practice a standards-track document may combine an AS and one or more related TSs. For example, Technical Specifications that are developed specifically and exclusively for some particular domain of applicability, e.g., for mail server hosts, often contain within a single specification all of the relevant AS and TS information. In such cases, no useful purpose would be served by deliberately distributing the information among several documents just to preserve the formal AS/TS distinction. However, a TS that is likely to apply to more than one domain of applicability should be developed in a

Specifications that are intended to become Internet Standards evolve through a set of maturity levels known as the "standards track". Even after a specification has been adopted as an Internet Standard, further evolution often occurs based on experience and the recognition of new requirements. The nomenclature and procedures of Internet standardization provide for the replacement of old Internet Standards with new ones, and the assignment of descriptive labels to indicate the status of "retired" Internet Standards. A set of maturity levels is defined in section 4.2 to cover these and other specifications that are not considered to be on the standards track.

Internet specifications go through stages of development, testing, and acceptance. Within the Internet Standards Process, these stages are formally labeled "maturity levels". This section describes the maturity levels and the expected characteristics of specifications at each level.

The entry-level maturity for the standards track is "Proposed Standard". A specific action by the IESG is required to move a specification onto the standards track at the "Proposed Standard" level. A Proposed Standard specification is generally stable, has resolved known design choices, is believed to be well-understood, has received significant community review, and appears to enjoy enough community interest to be considered valuable. However, further experience might result in a change or even retraction of the specification before it advances.

Usually, neither implementation nor operational experience is required for the designation of a specification as a Proposed Standard. However, such experience is highly desirable, and will usually represent a strong argument in favor of a Proposed Standard designation.

The IESG may require implementation and/or operational experience prior to granting Proposed Standard status to a specification that materially affects the core Internet protocols or that specifies behavior that may have significant operational impact on the Internet.

A Proposed Standard should have no known technical omissions with respect to the requirements placed upon it. However, the IESG may waive this requirement in order to allow a specification to advance to the Proposed Standard state when it is considered to be useful and necessary (and timely) even with known technical omissions. Implementors should treat Proposed Standards as immature specifications. It is desirable to implement them in order to gain experience and to validate, test, and clarify the specification. However, since the content of Proposed Standards may be changed if problems are found or better solutions are identified, deploying implementations of such standards into a disruption-sensitive environment is not recommended.

A specification from which at least two independent and interoperable implementations from different code bases have been developed, and for which sufficient successful operational experience has been obtained, may be elevated to the "Draft Standard" level. For the purposes of this section, "interoperabl which they are used. If patented or otherwise controlled technology is required for implementation, the separate implementations must also have resulted from separate exercise of the licensing process.

Elevation to Draft Standard is a major advance in status, indicating a strong belief that the specification is mature and will be useful.The requirement for at least two independent and interoperable implementations applies to all of the options and features of the specification. In cases in which one or more options or features have not been demonstrated in at least two interoperable implementations, the specification may advance to the Draft Standard level only if those options or features are removed.

The Working Group chair is responsible for documenting the specific implementations which qualify the specification for Draft or Internet Standard status along with documentation about testing of the interoperation of these implementations. The documentation must include information about the support of each of the individual options and features. This documentation should be submitted to the Area Director with the protocol action request.

A Draft Standard must be well-understood and known to be quite stable, both in its semantics and as a basis for developing an implementation. A Draft Standard may still require additional or more widespread field experience, since it is possible for implementations based on Draft Standard specifications to demonstrate unforeseen behavior when subjected to large-scale use in production environments.

A Draft Standard is normally considered to be a final specification, and changes are likely to be made only to solve specific problems encountered. In most circumstances, it is reasonable for vendors to deploy implementations of Draft Standards into a disruption sensitive environment.

A specification for which significant implementation and successful operational experience has been obtained may be elevated to the Internet Standard level. An Internet Standard (which may simply be referred to as a Standard) is characterized by a high degree of technical maturity and by a generally held belief that the specified protocol or service provides significant benefit to the Internet community.

A specification that reaches the status of Standard is assigned a number in the STD series while retaining its RFC number.

The mechanics of the Internet Standards Process involve decisions of the IESG concerning the elevation of a specification onto the standards track or the movement of a standards-track specification from one maturity level to another. Although a number of reasonably objective criteria (described below and in section 4) are available to guide the IESG in making a decision to move a specification onto, along, or off the standards track, there is no algorithmic guarantee of elevation to or progression along the standards track for any specification. The experienced collective judgment of the IESG concerning the technical quality of a specification proposed forelevation to or advancement in the standards track is an essential component of the decision-making process.

A "standards action" -- entering a particular specification into, advancing it within, or removing it from, the standards track -- must be approved by the IESG.

A specification that is intended to enter or advance in the Internet standards track shall first be posted as an Internet-Draft unless it has not changed since publication as an RFC. It shall remain as an Internet-Draft for a period of time, not less than two weeks, that permits useful community review, after which a

recommendation for action may be initiated.

A standards action is initiated by a recommendation by the IETF Working group responsible for a specification to its Area Director, copied to the IETF Secretariat or, in the case of a specification not associated with a Working Group, a recommendation by an individual to the IESG.

The IESG shall determine whether or not a specification submitted to it according to section 6.1.1 satisfies the applicable criteria for the recommended action (see sections 4.1 and 4.2), and shall in addition determine whether or not the technical quality and clarity of the specification is consistent with that expected for the maturity level to which the specification is recommended.

In order to obtain all of the information necessary to make these determinations, particularly when the specification is considered by the IESG to be extremely important in terms of its potential impacton the Internet or on the suite of Internet protocols, the IESG may, at its discretion, commission an independent technical review of the specification.

The IESG will send notice to the IETF of the pending IESG consideration of the document(s) to permit a final review by the general Internet community. This "Last-Call" notification shall be via electronic mail to the IETF Announce mailing list. Comments on a Last-Call shall be accepted from anyone, and should be sent as directed in the Last-Call announcement.

The Last-Call period shall be no shorter than two weeks except in those cases where the proposed standards action was not initiated by an IETF Working Group, in which case the Last-Call period shall be no shorter than four weeks. If the IESG believes that the community interest would be served by allowing more time for comment, it may decide on a longer Last-Call period or to explicitly lengthen a current Last-Call period.

The IESG is not bound by the action recommended when the specification was submitted. For example, the IESG may decide to consider the specification for publication in a different category than that requested. If the IESG determines this before the Last- Call is issued then the Last-Call should reflect the IESG's view. The IESG could also decide to change the publication category based on the response to a Last-Call. If this decision would result in a specification being published at a "higher" level than the original

Last-Call was for, a new Last-Call should be issued indicating the IESG recommendation. In addition, the IESG may decide to recommend the formation of a new Working Group in the case of significant controversy in response to a Last-Call for specification not originating from an IETF Working Group.

In a timely fashion after the expiration of the Last-Call period, the IESG shall make its final determination of whether or not to approve the standards action, and shall notify the IETF of its decision via electronic mail to the IETF Announce mailing list.

If a standards action is approved, notification is sent to the RFC Editor and copied to the IETF with instructions to publish the specification as an RFC. The specification shall at that point be removed from the Internet-Drafts directory. An official summary of standards actions completed and pending shall appear in each issue of the Internet Society's newsletter. This shall constitute the "publication of record" for Internet standards actions.

The RFC Editor shall publish periodically an "Internet Official Protocol Standards" RFC [1], summarizing the status of all Internet protocol and service specifications.

The procedure described in section 6.1 is followed for each action that attends the advancement of a specification along the standards track.

A specification shall remain at the Proposed Standard level for at least six (6) months.

A specification shall remain at the Draft Standard level for at least four (4) months, or until at least one IETF meeting has occurred, whichever comes later.

These minimum periods are intended to ensure adequate opportunity for community review without severely impacting timeliness. These intervals shall be measured from the date of publication of the corresponding RFC(s), or, if the action does not result in RFC publication, the date of the announcement of the IESG approval of the action.

A specification may be (indeed, is likely to be) revised as it advances through the standards track. At each stage, the IESG shall determine the scope and significance of the revision to the specification, and, if necessary and appropriate, modify the recommended action. Minor revisions are expected, but a significant revision may require that the specification accumulate more experience at its current maturity level before progressing. Finally, if the specification has been changed very significantly, the IESG may recommend that the revision be treated as a new document, re- entering the standards track at the beginning.

Change of status shall result in republication of the specification as an RFC, except in the rare case that there have been no changes at all in the specification since the last publication. Generally, desired changes will be "batched" for incorporation at the next level in the standards track. However, deferral of changes to the next standards action on the specification will not always be possible or desirable; for example, an important typographical error, or a technical error that does not represent a change in overall function of the specification, may need to be corrected immediately. In such cases, the IESG or RFC Editor may be asked to republish the RFC (with a new number) with corrections, and this will not reset the minimum time-at-level clock.

When a standards-track specification has not reached the Internet Standard level but has remained at the same maturity level for twenty-four (24) months, and every twelve (12) months thereafter until the status is changed, the IESG shall review the viability of the standardization effort responsible for that specification and the usefulness of the technology. Following each such review, the IESG shall approve termination or continuation of the development effort, at the same time the IESG shall decide to maintain the specification at the same maturity level or to move it to Historic status. This decision shall be communicated to the IETF by electronic mail to the IETF Announce mailing list to allow the Internet community an opportunity to comment. This provision is not intended to threaten a legitimate and active Working Group effort, but rather to provide an administrative mechanism for terminating a moribund effort.

A new version of an established Internet Standard must progress through the full Internet standardization process as if it were a completely new specification. Once the new version has reached the Standard level, it will usually replace the previous version, which will be moved to Historic status. However, in some cases both versions may remain as Internet Standards to honor the requirements of an installed base. In this situation, the relationship between the previous and the new versions must be explicitly stated in the text of the new version or in another appropriate document (e.g., an Applicability Statement; see section 3.2).

As the technology changes and matures, it is possible for a new Standard specification to be so clearly superior technically that one or more existing standards track specifications for the same function should be retired. In this case, or when it is felt for some other reason that an existing standards track specification should be retired, the IESG shall approve a change of status of the old specification(s) to Historic. This recommendation shall be issued with the same Last-Call and notification procedures used for any other standards action. A request to retire an existing standard can originate from a Working Group, an Area Director or some other interested party.

Disputes are possible at various stages during the IETF process. As much as possible the process is designed so that compromises can be made, and genuine consensus achieved, however there are times when even the most reasonable and knowledgeable people are unable to agree. To achieve the goals of openness and fairness, such conflicts must be resolved by a process of open review and discussion. This section specifies the procedures that shall be followed to deal with Internet standards issues that cannot be resolved through the normal processes whereby IETF Working Groups and other Internet Standards Process participants ordinarily reach consensus.

An individual (whether a participant in the relevant Working Group or not) may disagree with a Working Group recommendation based on his or her belief that either (a) his or her own views have not been adequately considered by the Working Group, or (b) the Working Group has made an incorrect technical choice which places the quality and/or integrity of the Working Group's product(s) in significant jeopardy. The first issue is a difficulty with Working Group process; the latter is an assertion of technical error. These two types of disagreement are quite different, but both are handled by the same process of review.

A person who disagrees with a Working Group recommendation shall always first discuss the matter with the Working Group's chair(s), who may involve other members of the Working Group (or the Working Group as a whole) in the discussion.

If the disagreement cannot be resolved in this way, any of the parties involved may bring it to the attention of the Area Director(s) for the area in which the Working Group is chartered. The Area Director(s) shall attempt to resolve the dispute.

If the disagreement cannot be resolved by the Area Director(s) any of the parties involved may then appeal to the IESG as a whole. The IESG shall then review the situation and attempt to resolve it in a manner of its own choosing.

If the disagreement is not resolved to the satisfaction of the parties at the IESG level, any of the parties involved may appeal the decision to the IAB. The IAB shall then review the situation and attempt to resolve it in a manner of its own choosing.

The IAB decision is final with respect to the question of whether or not the Internet standards procedures have been followed and with respect to all questions of technical merit.

This document sets forward procedures required to be followed to ensure openness and fairness of the Internet Standards Process, and the technical viability of the standards created. The IESG is the principal agent of the IETF for this purpose, and it is the IESG that is charged with ensuring that the required procedures have been followed, and that any necessary prerequisites to a standards action have been met.

If an individual should disagree with an action taken by the IESG in this process, that person should first discuss the issue with the ISEG Chair. If the IESG Chair is unable to satisfy the complainant then the IESG as a whole should re-examine the action taken, along with input from the complainant, and determine whether any further action is needed. The IESG shall issue a report on its review of the complaint to the IETF.

Should the complainant not be satisfied with the outcome of the IESG review, an appeal may be lodged to the IAB. The IAB shall then review the situation and attempt to resolve it in a manner of its own choosing and report to the IETF on the outcome of its review.

If circumstances warrant, the IAB may direct that an IESG decision be annulled, and the situation shall then be as it was before the IESG decision was taken. The IAB may also recommend an action to the IESG, or make such other recommendations as it deems fit. The IAB may not, however, pre-empt the role of the IESG by issuing a decision which only the IESG is empowered to make.

The IAB decision is final with respect to the question of whether or not the Internet standards procedures have been followed.

Further recourse is available only in cases in which the procedures themselves (i.e., the procedures described in this document) are claimed to be inadequate or insufficient to the protection of the rights of all parties in a fair and open Internet Standards Process. Claims on this basis may be made to the Internet Society Board of Trustees. The President of the Internet Society shall acknowledge such an appeal within two weeks, and shall at the time of acknowledgment advise the petitioner of the expected duration of the Trustees' review of the appeal. The Trustees shall review the situation in a manner of its own choosing and report to the IETF on the outcome of its review.

The Trustees' decision upon completion of their review shall be final with respect to all aspects of the dispute.

All appeals must include a detailed and specific description of the facts of the dispute.

All appeals must be initiated within two months of the public knowledge of the action or decision to be challenged.

At all stages of the appeals process, the individuals or bodies responsible for making the decisions have the discretion to define the specific procedures they will follow in the process of making their decision.

In all cases a decision concerning the disposition of the dispute, and the communication of that decision to the parties involved, must be accomplished within a reasonable period of time.

NOTE: These procedures intentionally and explicitly do not establish a fixed maximum time period that shall be considered "reasonable" in all cases. The Internet Standards Process places a premium on consensus and efforts to achieve it, and deliberately foregoes deterministically swift execution of procedures in favor of a latitude within which more genuine technical agreements may be reached.

IETF Area - A management division within the IETF. An Area consists of Working Groups related to a general topic such as routing. An Area is managed by one or two Area Directors.

Area Director - The manager of an IETF Area. The Area Directors along with the IETF Chair comprise the Internet Engineering Steering Group (IESG).

File Transfer Protocol (FTP) - An Internet application used to transfer files in a TCP/IP network.

gopher - An Internet application used to interactively select and retrieve files in a TCP/IP network.

Internet Architecture Board (IAB) - An appointed group that assists in the management of the IETF standards process.

Internet Engineering Steering Group (IESG) - A group comprised of the IETF Area Directors and the IETF Chair. The IESG is responsible for the management, along with the IAB, of the IETF and is the standards approval board for the IETF.

interoperable - For the purposes of this document, "interoperable" means to be able to interoperate over a data communications path.

Last-Call - A public comment period used to gage the level of consensus about the reasonableness of a proposed standards action. (see section 5.1.2)

online - Relating to information made available over the Internet. When referenced in this document material is said to be online when it is retrievable without restriction or undue fee using standard Internet applications such as anonymous FTP, gopher or the WWW.

Working Group - A group chartered by the IESG and IAB to work on a specific specification, set of specifications or topic.

All Internet standards and many other Internet specifications are documented in a series of documents called Request for Comments or RFCs. While the Internet standards may be the most famous of Internet documents, they are far from the only ones.

And, while all Internet standards are documented in RFCs,

If you want to know the differences, read on and enjoy.

Though most tech-savvy people know what an RFC is, or at least have heard of them, there are other documents related to Internet standards. They include:

• RFCs. The Request for Comments series is archival, meaning that no RFC will ever change.

They are meant to always be available in their original format, even if their status may change over time as a specification moves from being a proposed standard to a draft standard to an Internet standard to an historical RFC.

• STDs. These are Internet standards, and each STD points to one or more RFCs that contain

the specification(s) for that particular standard. The STD number stays the same even if a new RFC replaces (obsoletes) an old RFC defining the standard.

• FYIs. These are "for your information" documents which, according to RFC 1150, "F.Y.I.

Introduction to the F.Y.I. Notes", are intended to provide information about Internet topics, including answers to frequently asked questions and explanations of why things are the way they are on the Internet.

• BCPs. Defined in RFC 1818, the Best Current Practices series describe current practices for the Internet community. They provide a mechanism by which the IETF distributes information about what are considered to be the best ways of doing things; these mechanisms need not become standards either because they may change over time or they refer to administrative or other areas outside of the technology. BCPs also cover meta-issues, such as describing the process by which standards are created (see RFC 2026, for example, on the Internet standards process).

• Others. Over time there have been other document series, including RTRs (RARE Technical

Reports), IENs (Internet Engineering Notes), and others. Mostly, obody cares about these anymore.

Internet-Drafts (I-Ds) are very different beasts from RFCs, even though all RFCs these days start out at I-Ds. The biggest difference is that anyone can write and submit an I-D while RFCs are published only after the I-D makes it through extensive edits and a discussion period. I-Ds expire six months after they're published. And I-Ds are works in progress not to be cited by other works, because they are transient documents that are unlikely to be available in six months.

While having your name on an RFC is a very big deal, having your name on an I-D is not a very big deal at all. Even so, network vendors often claim their product or technology has been certified by the IETF when their drafts are published. The fact is, most I-Ds expire and disappear with little or no comment.

I-Ds become RFCs only after stringent review by the appropriate body (as we'll see in another article, to come). Some more differences:

specification for IPv4, published in 1981. When substantive flaws or errors are discoverd in an RFC, a new RFC must be written and processed through the system again. You're not allowed to just edit an old RFC to fix a typo.

• I-Ds are either valid or expired, depending on when they were published and what the date is now. On the other hand, RFCs are assigned a "state" or maturity level (their position on the standards track, or some other indicator) as well as a "status" (indicating requirements level).

• RFCs are usually the product of IETF working group, but anyone can submit an I-D.

An RFC's state indicates the kind of RFC it is; an RFC's status indicates whether or not the protocol specified in the RFC should be implemented (or how it should be implemented). Valid RFC states include:

• Standard Protocol. Internet Standards with a capital "S". A Standard Protocol has the IESG stamp

of approval. If you are going to do what the protocol in the RFC does, you have to do it the way the RFC says to do it. There are very few Standard RFCs.

• Draft Standard Protocol. These usually describe protocols that have already been widely

implemented and that the IESG is actively looking at for approval.Draft standards will probably make it to Standard (eventually) but will probably also need at least some changes based on experience of implementers and users.

• Proposed Standard Protocol. These are being offered as standards of thefuture. A proposed

standard protocol must have been implemented and deployed so that test results can be evaluated; a proposed standard stands a reasonable at making it to standard but it will almost definitely be changed along the way.

• Experimental Protocol. Experimental protocols are not for general use, and may not be safe

for one reason or another.

• Informational Protocol. These RFCs document information that is useful or interesting to the

Internet community, but which is not intended to be considered as a standard or on the standards track. Vendors sometimes publish proprietary specifications so other companies can build interoperable implementations. Examples include Sun's Network File System (NFS) and the Secure Sockets Layer (SSL) published by Netscape.

• Historical Protocol. No RFC is published as an historical RFC, but older documents are

sometimes classifed as historical because the protocol they specify is no longer of interest or has been made obsolete by newer versions, and the protocol itself is no longer in use.

Protocol status indicates a recommendation level. Status levels include:

• Required Protocol. This is required for all IP systems.

• Recommended Protocol. Recommended for all systems, meaning a standards-compliant system should have this but can still be compliant (in theory) even if it doesn't have it. Not implementing should be done only if there is a very good reason not to.

• Elective Protocol. Truly optional. There's no problem if this is left out of a system, but if it's implemented it must be implemented as defined in the specification.

• Limited Use Protocol. You shouldn't bother to implement this type of protocol; it's either experimental, limited in scope or function, or irrelevant.

Not Recommended Protocol. Not only shouldn't you implement these, you should take it off any systems under your control. Not only might it be experimental, limited in scope or function, or irrelevant, it may also be harmful or pose a security threat.