Appendix C. The IETF and IETF Documents

The Internet Engineering Task Force (IETF) is the primary organization for Internet protocol standards. The IETF is an open organization that has evolved over many years and is currently under the general supervision of the Internet Architecture Board (IAB) and the Internet Engineering Steering Group (IESG). The first general IETF meeting was held in July 1986. IETF participants are volunteers, and the group has no defined membership. Funding comes from meeting attendance fees, contributions, and the Internet Society [ISOC]. You can learn more about the IETF from its Web site; see [IETF] for more information.

The IETF series of permanent documents is most analogous to a series of numbered books on a shelf. Once an RFC is issued, it is not changed. For historical reasons, these documents are called "Requests for Comments" (RFCs), a name that reflects the spirit of early IETF RFC documents but is somewhat misleading these days. The first RFC was issued in 1969, when RFCs were paper documents. While the IETF generally welcomes comments, the main purpose of most RFCs is to inform the community rather than to solicit comments. The Internet Draft series of transient, versioned drafts now supports the IETF comment solicitation function. This book references few Internet Drafts, due to their temporary nature, and then only as "works in progress." Such Drafts normally expire after six months.

The IETF specifies all central network layer, transport layer, and routing protocols in the Internet, which operate between the lower physical layers and the higher application layers. These protocols include TCP/IP, the global domain name system (DNS), and numerous routing protocols. The IETF also handles standards for some important applications, such as e-mail (SMTP [RFC 2821, 2822], MIME [RFC 2045]) and NFS (network file system), and it has expanded to a few standards below the Internet layer, including MPLS [RFC 3031].

The IETF considers the bits on the wire between interoperating systems to be the most important aspect of networking standards. It almost never standardizes application program interfaces (APIs), although it sometimes provides an API in an Informational RFC.

In general, standards for the World Wide Web have protocol and transport aspects as well as content aspects. The IETF handles the protocol and transport standards, particularly HTTP [RFC 2616]. The W3C handles content-type standards, particularly [HTML] and [XML] (see Appendix B).

Some contentious moments arose between the IETF and the W3C over XML Security. The IETF has a larger number of active participants and a stronger track record in the security and cryptographic area. The W3C has change control over XML and owns basic XML standards. The result of the two groups' interaction was a series of compromises. XMLDSIG was standardized by the first-ever joint IETF/W3C working group, with documents progressing along the standards tracks of, and being published by, both organizations. Canonicalization of XML was worked on in the XMLDSIG working group but advanced only along the W3C standards track, with the final version also being published as an Informational IETF document. XML Encryption is a W3C working group effort with the understanding that final versions of its documents would also be published as Informational IETF documents.