Request For Comments storage

Documents related to 'security'

1973, RFC0602: "The stockings were hung by the chimney with care"

1991, RFC1281: Guidelines for the Secure Operation of the Internet

1992, RFC1319: The MD2 Message-Digest Algorithm

1992, RFC1320: The MD4 Message-Digest Algorithm

1992, RFC1321: The MD5 Message-Digest Algorithm

1993, RFC1409: Telnet Authentication Option

1993, RFC1411: Telnet Authentication: Kerberos Version 4

1993, RFC1412: Telnet Authentication: SPX

1993, RFC1416: Telnet Authentication Option

1993, RFC1510: The Kerberos Network Authentication Service (V5)

1994, RFC1579: Firewall-Friendly FTP

1994, RFC1704: On Internet Authentication

1994, RFC1751: A Convention for Human-Readable 128-bit Keys

1995, RFC1760: The S/KEY One-Time Password System

1995, RFC1805: Location-Independent Data/Software Integrity Protocol

1995, RFC1826: IP Authentication Header

1995, RFC1828: IP Authentication using Keyed MD5

1995, RFC1829: The ESP DES-CBC Transform

1996, RFC1919: Classical versus Transparent IP Proxies

1996, RFC1949: Scalable Multicast Key Distribution

1996, RFC1961: GSS-API Authentication Method for SOCKS Version 5

1996, RFC1964: The Kerberos Version 5 GSS-API Mechanism

1996, RFC1984: IAB and IESG Statement on Cryptographic Technology and the Internet

1997, RFC2085: HMAC-MD5 IP Authentication with Replay Prevention

1997, RFC2104: HMAC: Keyed-Hashing for Message Authentication

1997, RFC2203: RPCSEC_GSS Protocol Specification

1997, RFC2207: RSVP Extensions for IPSEC Data Flows

1997, RFC2245: Anonymous SASL Mechanism

1998, RFC2261: An Architecture for Describing SNMP Management Frameworks

1998, RFC2271: An Architecture for Describing SNMP Management Frameworks

1998, RFC2356: Sun's SKIP Firewall Traversal for Mobile IP

1998, RFC2367: PF_KEY Key Management API, Version 2

1998, RFC2402: IP Authentication Header

1998, RFC2404: The Use of HMAC-SHA-1-96 within ESP and AH

1998, RFC2406: IP Encapsulating Security Payload (ESP)

1998, RFC2407: The Internet IP Security Domain of Interpretation for ISAKMP

1998, RFC2409: The Internet Key Exchange (IKE)

1998, RFC2478: The Simple and Protected GSS-API Negotiation Mechanism

1999, RFC2487: SMTP Service Extension for Secure SMTP over TLS

1999, RFC2510: Internet X.509 Public Key Infrastructure Certificate Management Protocols

1999, RFC2511: Internet X.509 Certificate Request Message Format

1999, RFC2521: ICMP Security Failures Messages

1999, RFC2523: Photuris: Extended Schemes and Attributes

1999, RFC2527: Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework

1999, RFC2528: Internet X.509 Public Key Infrastructure Representation of Key Exchange Algorithm (KEA) Keys in Internet X.509 Public Key Infrastructure Certificates

1999, RFC2537: RSA/MD5 KEYs and SIGs in the Domain Name System (DNS)

1999, RFC2539: Storage of Diffie-Hellman Keys in the Domain Name System (DNS)

1999, RFC2540: Detached Domain Name System (DNS) Information

1999, RFC2554: SMTP Service Extension for Authentication

1999, RFC2560: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP

1999, RFC2588: IP Multicast and Firewalls

1999, RFC2595: Using TLS with IMAP, POP3 and ACAP

1999, RFC2612: The CAST-256 Encryption Algorithm

1999, RFC2617: HTTP Authentication: Basic and Digest Access Authentication

1999, RFC2618: RADIUS Authentication Client MIB

1999, RFC2619: RADIUS Authentication Server MIB

1999, RFC2620: RADIUS Accounting Client MIB

1999, RFC2621: RADIUS Accounting Server MIB

1999, RFC2628: Simple Cryptographic Program Interface (Crypto API)

1999, RFC2704: The KeyNote Trust-Management System Version 2

1999, RFC2725: Routing Policy System Security

1999, RFC2726: PGP Authentication for RIPE Database Updates

2000, RFC2747: RSVP Cryptographic Authentication

2000, RFC2754: RPS IANA Issues

2000, RFC2785: Methods for Avoiding the "Small-Subgroup" Attacks on the Diffie-Hellman Key Agreement Method for S/MIME

2000, RFC2802: Digital Signatures for the v1.0 Internet Open Trading Protocol (IOTP)

2000, RFC2808: The SecurID(r) SASL Mechanism

2000, RFC2818: HTTP Over TLS

2000, RFC2829: Authentication Methods for LDAP

2000, RFC2870: Root Name Server Operational Requirements

2000, RFC2875: Diffie-Hellman Proof-of-Possession Algorithms

2000, RFC2931: DNS Request and Transaction Signatures ( SIG(0)s )

2000, RFC2941: Telnet Authentication Option

2000, RFC2979: Behavior of and Requirements for Internet Firewalls

2000, RFC2984: Use of the CAST-128 Encryption Algorithm in CMS

2000, RFC2994: A Description of the MISTY1 Encryption Algorithm

2000, RFC3007: Secure Domain Name System (DNS) Dynamic Update

2001, RFC3026: Liaison to IETF/ISOC on ENUM

2001, RFC3078: Microsoft Point-To-Point Encryption (MPPE) Protocol

2001, RFC3079: Deriving Keys for use with Microsoft Point-to-Point Encryption (MPPE)

2001, RFC3084: COPS Usage for Policy Provisioning (COPS-PR)

2001, RFC3097: RSVP Cryptographic Authentication -- Updated Message Type Value

2001, RFC3110: RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS)

2001, RFC3129: Requirements for Kerberized Internet Negotiation of Keys

2001, RFC3130: Notes from the State-Of-The-Technology: DNSSEC

2001, RFC3161: Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)

2002, RFC3206: The SYS and AUTH POP Response Codes

2001, RFC3226: DNSSEC and IPv6 A6 aware server/resolver message size requirements

2002, RFC3227: Guidelines for Evidence Collection and Archiving

2002, RFC3244: Microsoft Windows 2000 Kerberos Change Password and Set Password Protocols

2002, RFC3281: An Internet Attribute Certificate Profile for Authorization

2002, RFC3394: Advanced Encryption Standard (AES) Key Wrap Algorithm

2003, RFC3456: Dynamic Host Configuration Protocol (DHCPv4) Configuration of IPsec Tunnel Mode

2003, RFC3504: Internet Open Trading Protocol (IOTP) Version 1, Errata

2003, RFC3547: The Group Domain of Interpretation

2003, RFC3554: On the Use of Stream Control Transmission Protocol (SCTP) with IPsec

2003, RFC3562: Key Management Considerations for the TCP MD5 Signature Option

2003, RFC3565: Use of the Advanced Encryption Standard (AES) Encryption Algorithm in Cryptographic Message Syntax (CMS)

2003, RFC3602: The AES-CBC Cipher Algorithm and Its Use with IPsec

2003, RFC3610: Counter with CBC-MAC (CCM)

2003, RFC3647: Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework

2004, RFC3657: Use of the Camellia Encryption Algorithm in Cryptographic Message Syntax (CMS)

2003, RFC3658: Delegation Signer (DS) Resource Record (RR)

2004, RFC3713: A Description of the Camellia Encryption Algorithm

2004, RFC3723: Securing Block Storage Protocols over IP

2004, RFC3759: RObust Header Compression (ROHC): Terminology and Channel Mapping Examples

2004, RFC3766: Determining Strengths For Public Keys Used For Exchanging Symmetric Keys

2004, RFC3776: Using IPsec to Protect Mobile IPv6 Signaling Between Mobile Nodes and Home Agents

2004, RFC3788: Security Considerations for Signaling Transport (SIGTRAN) Protocols

2004, RFC3833: Threat Analysis of the Domain Name System (DNS)

2005, RFC4094: Analysis of Existing Quality-of-Service Signaling Protocols

2005, RFC4120: The Kerberos Network Authentication Service (V5)

2005, RFC4178: The Simple and Protected Generic Security Service Application Program Interface (GSS-API) Negotiation Mechanism

2005, RFC4211: Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF)

2005, RFC4217: Securing FTP with TLS

2005, RFC4302: IP Authentication Header

2005, RFC4303: IP Encapsulating Security Payload (ESP)

2005, RFC4305: Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH)

2005, RFC4306: Internet Key Exchange (IKEv2) Protocol

2006, RFC4434: The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE)

2006, RFC4474: Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP)

2006, RFC4505: Anonymous Simple Authentication and Security Layer (SASL) Mechanism

2006, RFC4563: The Key ID Information Type for the General Extension Payload in Multimedia Internet KEYing (MIKEY)

2006, RFC4668: RADIUS Authentication Client MIB for IPv6

2006, RFC4669: RADIUS Authentication Server MIB for IPv6

2006, RFC4670: RADIUS Accounting Client MIB for IPv6

2006, RFC4671: RADIUS Accounting Server MIB for IPv6

2007, RFC4765: The Intrusion Detection Message Exchange Format (IDMEF)

2007, RFC4767: The Intrusion Detection Exchange Protocol (IDXP)

2007, RFC4835: Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH)

2007, RFC4890: Recommendations for Filtering ICMPv6 Messages in Firewalls

2007, RFC4998: Evidence Record Syntax (ERS)

2007, RFC5091: Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems

2008, RFC5304: IS-IS Cryptographic Authentication

2009, RFC5310: IS-IS Generic Cryptographic Authentication

2009, RFC5403: RPCSEC_GSS Version 2

2009, RFC5418: Control And Provisioning of Wireless Access Points (CAPWAP) Threat Analysis for IEEE 802.11 Deployments

2009, RFC5672: RFC 4871 DomainKeys Identified Mail (DKIM) Signatures -- Update

2009, RFC5698: Data Structure for the Security Suitability of Cryptographic Algorithms (DSSC)

2010, RFC5749: Distribution of EAP-Based Keys for Handover and Re-Authentication

2010, RFC5796: Authentication and Confidentiality in Protocol Independent Multicast Sparse Mode (PIM-SM) Link-Local Messages

2010, RFC5910: Domain Name System (DNS) Security Extensions Mapping for the Extensible Provisioning Protocol (EPP)

2010, RFC5932: Camellia Cipher Suites for TLS

2010, RFC6065: Using Authentication, Authorization, and Accounting Services to Dynamically Provision View-Based Access Control Model User-to-Group Mappings

2011, RFC6114: The 128-Bit Blockcipher CLEFIA

2011, RFC6139: Routing and Addressing in Networks with Global Enterprise Recursion (RANGER) Scenarios

2011, RFC6149: MD2 to Historic Status

2011, RFC6150: MD4 to Historic Status

2011, RFC6164: Using 127-Bit IPv6 Prefixes on Inter-Router Links

2011, RFC6178: Label Edge Router Forwarding of IPv4 Option Packets

2011, RFC6179: The Internet Routing Overlay Network (IRON)

2011, RFC6181: Threat Analysis for TCP Extensions for Multipath Operation with Multiple Addresses

2011, RFC6218: Cisco Vendor-Specific RADIUS Attributes for the Delivery of Keying Material

2011, RFC6233: IS-IS Registry Extension for Purges

2011, RFC6331: Moving DIGEST-MD5 to Historic

2011, RFC6382: Unique Origin Autonomous System Numbers (ASNs) per Node for Globally Anycasted Services

2011, RFC6404: Session PEERing for Multimedia INTerconnect (SPEERMINT) Security Threats and Suggested Countermeasures

2011, RFC6454: The Web Origin Concept

2012, RFC6518: Keying and Authentication for Routing Protocols (KARP) Design Guidelines

2012, RFC6538: The Host Identity Protocol (HIP) Experiment Report

2012, RFC6614: Transport Layer Security (TLS) Encryption for RADIUS

2012, RFC6618: Mobile IPv6 Security Framework Using Transport Layer Security for Communication between the Mobile Node and Home Agent

2012, RFC6622: Integrity Check Value and Timestamp TLV Definitions for Mobile Ad Hoc Networks (MANETs)

2012, RFC6784: Kerberos Options for DHCPv6

2013, RFC6811: BGP Prefix Origin Validation

2012, RFC6813: The Network Endpoint Assessment (NEA) Asokan Attack Analysis

2013, RFC6904: Encryption of Header Extensions in the Secure Real-time Transport Protocol (SRTP)

2013, RFC7070: An Architecture for Reputation Reporting

2013, RFC7071: A Media Type for Reputation Interchange

2013, RFC7072: A Reputation Query Protocol

2013, RFC7073: A Reputation Response Set for Email Identifiers

2013, RFC7076: P6R's Secure Shell Public Key Subsystem

2014, RFC7128: Resource Public Key Infrastructure (RPKI) Router Implementation Report

2014, RFC7182: Integrity Check Value and Timestamp TLV Definitions for Mobile Ad Hoc Networks (MANETs)

2014, RFC7183: Integrity Protection for the Neighborhood Discovery Protocol (NHDP) and Optimized Link State Routing Protocol Version 2 (OLSRv2)

2014, RFC7293: The Require-Recipient-Valid-Since Header Field and SMTP Service Extension

2014, RFC7350: Datagram Transport Layer Security (DTLS) as Transport for Session Traversal Utilities for NAT (STUN)

2014, RFC7353: Security Requirements for BGP Path Validation

2014, RFC7397: Report from the Smart Object Security Workshop

2014, RFC7404: Using Only Link-Local Addressing inside an IPv6 Network

2015, RFC7416: A Security Threat Analysis for the Routing Protocol for Low-Power and Lossy Networks (RPLs)

2015, RFC7430: Analysis of Residual Threats and Possible Fixes for Multipath TCP (MPTCP)

2015, RFC7474: Security Extension for OSPFv2 When Using Manual Key Management

2015, RFC7481: Security Services for the Registration Data Access Protocol (RDAP)

2015, RFC7489: Domain-based Message Authentication, Reporting, and Conformance (DMARC)

2015, RFC7492: Analysis of Bidirectional Forwarding Detection (BFD) Security According to the Keying and Authentication for Routing Protocols (KARP) Design Guidelines

2015, RFC7546: Structure of the Generic Security Service (GSS) Negotiation Loop

2015, RFC7585: Dynamic Peer Discovery for RADIUS/TLS and RADIUS/DTLS Based on the Network Access Identifier (NAI)

2015, RFC7687: Report from the Strengthening the Internet (STRINT) Workshop

2015, RFC7712: Domain Name Associations (DNA) in the Extensible Messaging and Presence Protocol (XMPP)

2016, RFC7744: Use Cases for Authentication and Authorization in Constrained Environments

2016, RFC7830: The EDNS(0) Padding Option

2016, RFC7943: A Method for Generating Semantically Opaque Interface Identifiers (IIDs) with the Dynamic Host Configuration Protocol for IPv6 (DHCPv6)

2017, RFC8207: BGPsec Operational Considerations

2017, RFC8240: Report from the Internet of Things Software Update (IoTSU) Workshop 2016

2017, RFC8253: PCEPS: Usage of TLS to Provide a Secure Transport for the Path Computation Element Communication Protocol (PCEP)

2018, RFC8387: Practical Considerations and Implementation Experiences in Securing Smart Object Networks

2018, RFC8417: Security Event Token (SET)

2018, RFC8467: Padding Policies for Extension Mechanisms for DNS (EDNS(0))

2018, RFC8481: Clarifications to BGP Origin Validation Based on Resource Public Key Infrastructure (RPKI)

2018, RFC8509: A Root Key Trust Anchor Sentinel for DNSSEC

2019, RFC8576: Internet of Things (IoT) Security: State of the Art and Challenges

2019, RFC8628: OAuth 2.0 Device Authorization Grant

2020, RFC8725: JSON Web Token Best Current Practices

2020, RFC8752: Report from the IAB Workshop on Exploring Synergy between Content Aggregation and the Publisher Ecosystem (ESCAPE)

2020, RFC8768: Constrained Application Protocol (CoAP) Hop-Limit Option

2020, RFC8782: Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel Specification

2020, RFC8783: Distributed Denial-of-Service Open Threat Signaling (DOTS) Data Channel Specification

2021, RFC8862: Best Practices for Securing RTP Media Signaled with SIP

2020, RFC8893: Resource Public Key Infrastructure (RPKI) Origin Validation for BGP Export

2020, RFC8915: Network Time Security for the Network Time Protocol

2020, RFC8937: Randomness Improvements for Security Protocols

2021, RFC8973: DDoS Open Threat Signaling (DOTS) Agent Discovery

2021, RFC9055: Deterministic Networking (DetNet) Security Considerations

2021, RFC9057: Email Author Header Field

2021, RFC9066: Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel Call Home

2021, RFC9099: Operational Security Considerations for IPv6 Networks

2021, RFC9106: Argon2 Memory-Hard Function for Password Hashing and Proof-of-Work Applications

2021, RFC9109: Network Time Protocol Version 4: Port Randomization

2021, RFC9126: OAuth 2.0 Pushed Authorization Requests

2021, RFC9132: Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel Specification

2021, RFC9133: Controlling Filtering Rules Using Distributed Denial-of-Service Open Threat Signaling (DOTS) Signal Channel

2021, RFC9145: Integrity Protection for the Network Service Header (NSH) and Encryption of Sensitive Context Headers

2022, RFC9172: Bundle Protocol Security (BPSec)

2022, RFC9173: Default Security Contexts for Bundle Protocol Security (BPSec)

2022, RFC9185: DTLS Tunnel between a Media Distributor and Key Distributor to Facilitate Key Exchange

2022, RFC9207: OAuth 2.0 Authorization Server Issuer Identification

2022, RFC9216: S/MIME Example Keys and Certificates

2022, RFC9305: Locator/ID Separation Protocol (LISP) Generic Protocol Extension

2022, RFC9323: A Profile for RPKI Signed Checklists (RSCs)

2023, RFC9396: OAuth 2.0 Rich Authorization Requests

2023, RFC9414: Unfortunate History of Transient Numeric Identifiers

2023, RFC9415: On the Generation of Transient Numeric Identifiers

2023, RFC9416: Security Considerations for Transient Numeric Identifiers Employed in Network Protocols

2023, RFC9446: Reflections on Ten Years Past the Snowden Revelations

2023, RFC9449: OAuth 2.0 Demonstrating Proof of Possession (DPoP)

2023, RFC9456: Updates to the TLS Transport Model for SNMP

2023, RFC9464: Internet Key Exchange Protocol Version 2 (IKEv2) Configuration for Encrypted DNS

2024, RFC9467: Relaxed Packet Counter Verification for Babel MAC Authentication

2023, RFC9470: OAuth 2.0 Step Up Authentication Challenge Protocol