Jump to content

Internet Standard

From Wikipedia, the free encyclopedia
(Redirected from Proposed standard)

In computer network engineering, an Internet Standard is a normative specification of a technology or methodology applicable to the Internet. Internet Standards are created and published by the Internet Engineering Task Force (IETF). They allow interoperation of hardware and software from different sources which allows internets to function.[1] As the Internet became global, Internet Standards became the lingua franca of worldwide communications.[2]

Engineering contributions to the IETF start as an Internet Draft, may be promoted to a Request for Comments, and may eventually become an Internet Standard.

An Internet Standard is characterized by technical maturity and usefulness. The IETF also defines a Proposed Standard as a less mature but stable and well-reviewed specification. A Draft Standard was an intermediate level, discontinued in 2011.[3] A Draft Standard was an intermediary step that occurred after a Proposed Standard but prior to an Internet Standard.

As put in RFC 2026:

In general, an Internet Standard is a specification that is stable and well-understood, is technically competent, has multiple, independent, and interoperable implementations with substantial operational experience, enjoys significant public support, and is recognizably useful in some or all parts of the Internet.

Overview

[edit]

An Internet Standard is documented by[4] a Request for Comments (RFC) or a set of RFCs. A specification that is to become a Standard or part of a Standard begins as an Internet Draft, and is later, usually after several revisions, accepted and published by the RFC Editor as an RFC and labeled a Proposed Standard. Later, an RFC is elevated as Internet Standard, with an additional sequence number, when maturity has reached an acceptable level. Collectively, these stages are known as the Standards Track, and are defined in RFC 2026 and RFC 6410. The label Historic is applied to deprecated Standards Track documents or obsolete RFCs that were published before the Standards Track was established.

Only the IETF, represented by the Internet Engineering Steering Group (IESG), can approve Standards Track RFCs. The definitive list of Internet Standards is maintained in the Official Internet Protocol Standards. Previously, STD 1 used to maintain a snapshot of the list.[5]

History and the purpose of Internet Standards

[edit]

Internet standards are a set of rules that devices have to follow when they connect in a network. Since the technology has evolved, the rules of the engagement between computers had to evolve with it. These are the protocols that are in place used today. Most of these were developed long before the Internet Age, going as far back as the 1970s, not long after the creation of personal computers.

TCP/IP

The official date for when the first internet went live is January 1, 1983.[6] The Transmission Control Protocol/Internet Protocol (TCP/IP) went into effect. ARPANET (Advanced Research Projects Agency Network) and the Defense Data Network were the networks to implement the Protocols. These protocols are considered to be the essential part of how the Internet works because they define the rules by which the connections between servers operate. They are still used today by implementing various ways data is sent via global networks.

IPsec

Internet Protocol Security is a collection of protocols that ensure the integrity of encryption in the connection between multiple devices. The purpose of this protocol is to protect public networks. According to IETF Datatracker the group dedicated to its creation was proposed into existence on 25 November 1992.[7] Half a year later the group was created and not long after in the mid 1993 the first draft was published.

HTTP

HyperText Transfer Protocol is one of the most commonly used protocols today in the context of the World Wide Web. HTTP is a simple protocol to govern how documents, that are written in HyperText Mark Language(HTML), are exchanged via networks. This protocol is the backbone of the Web allowing for the whole hypertext system to exist practically. It was created by the team of developers spearheaded by Tim Berners-Lee. Berners-Lee is responsible for the proposal of its creation, which he did in 1989. August 6, 1991 is the date he published the first complete version of HTTP on a public forum.[8] This date subsequently is considered by some to be the official birth of the World Wide Web. HTTP has been continually evolving since its creation, becoming more complicated with time and progression of networking technology. By default HTTP is not encrypted so in practice HTTPS is used, which stands for HTTP Secure.

TLS/SSL

TLS stands for Transport Layer Security which is a standard that enables two different endpoints to interconnect sturdy and privately. TLS came as a replacement for SSL. Secure Sockets Layers was first introduced before the creation of HTTPS and it was created by Netscape. As a matter of fact HTTPS was based on SSL when it first came out. It was apparent that one common way of encrypting data was needed so the IETF specified TLS 1.0 in RFC 2246 in January, 1999.[9] It has been upgraded since. Last version of TLS is 1.3 from RFC 8446 in August 2018.

OSI Model

The Open Systems Interconnection model began its development in 1977.[10] It was created by the International Organization for Standardization. It was officially published and adopted as a standard for use in 1979. It was then updated several times and the final version. It took a few years for the protocol to be presented in its final form. ISO 7498 was published in 1984. Lastly in 1995 the OSI model was revised again satisfy the urgent needs of uprising development in the field of computer networking.

UDP

The goal of User Datagram Protocol was to find a way to communicate between two computers as quickly and efficiently as possible. UDP was conceived and realized by David P. Reed in 1980.[11] Essentially the way it works is using compression to send information. Data would be compressed into a datagram and sent point to point. This proved to be a secure way to transmit information and despite the drawback of losing quality of data UDP is still in use.

Standardization process

[edit]

Becoming a standard is a two-step process within the Internet Standards Process: Proposed Standard and Internet Standard. These are called maturity levels and the process is called the Standards Track.

If an RFC is part of a proposal that is on the Standards Track, then at the first stage, the standard is proposed and subsequently organizations decide whether to implement this Proposed Standard. After the criteria in RFC 6410 is met (two separate implementations, widespread use, no errata etc.),[12] the RFC can advance to Internet Standard.

The Internet Standards Process is defined in several "Best Current Practice" documents, notably BCP 9 (currently RFC 2026 and RFC 6410). There were previously three standard maturity levels: Proposed Standard, Draft Standard and Internet Standard. RFC 6410 reduced this to two maturity levels.

Proposed Standard

[edit]

RFC 2026 originally characterized Proposed Standards as immature specifications, but this stance was annulled by RFC 7127.[13]

A Proposed Standard specification is stable, has resolved known design choices, has received significant community review, and appears to enjoy enough community interest to be considered valuable. Usually, neither implementation nor operational experience is required for the designation of a specification as a Proposed Standard.

Proposed Standards are of such quality that implementations can be deployed in the Internet. However, as with all technical specifications, Proposed Standards may be revised if problems are found or better solutions are identified, when experiences with deploying implementations of such technologies at scale is gathered.

Many Proposed Standards are actually deployed on the Internet and used extensively, as stable protocols. Actual practice has been that full progression through the sequence of standards levels is typically quite rare, and most popular IETF protocols remain at Proposed Standard.[14]

Draft Standard

[edit]

In October 2011, RFC 6410 merged the second and third maturity levels into one Internet Standard. Existing older Draft Standards retain that classification, absent explicit actions. For old Draft Standards two possible actions[15] are available, which must be aproved by the IESG: A Draft Standard may be reclassified as an Internet Standard as soon as the criteria in RFC 6410[12] are satisfied; or, after two years since RFC 6410 was aproved as BCP (October 2013), the IESG can choose to reclassify an old Draft Standard as Proposed Standard.[16]

Internet Standard

[edit]

An Internet Standard is characterized by a high degree of technical maturity and by a generally held belief that the specified protocol or service provides significant benefit to the Internet community. Generally Internet Standards cover interoperability of systems on the Internet through defining protocols, message formats, schemas, and languages. An Internet Standard ensures that hardware and software produced by different vendors can work together. Having a standard makes it much easier to develop software and hardware that link different networks because software and hardware can be developed one layer at a time. Normally, the standards used in data communication are called protocols.

All Internet Standards are given a number in the STD series. The series was summarized in its first document, STD 1 (RFC 5000), until 2013, but this practice was retired in RFC 7100. The definitive list of Internet Standards is now maintained by the RFC Editor.[17]

Documents submitted to the IETF editor and accepted as an RFC are not revised; if the document has to be changed, it is submitted again and assigned a new RFC number. When an RFC becomes an Internet Standard (STD), it is assigned an STD number but retains its RFC number. When an Internet Standard is updated, its number is unchanged but refers to a different RFC or set of RFCs. For example, in 2007 RFC 3700 was an Internet Standard (STD 1) and in May 2008 it was replaced with RFC 5000. RFC 3700 received Historic status, and RFC 5000 became STD 1.

The list of Internet standards was originally published as STD 1 but this practice has been abandoned in favor of an online list maintained by the RFC Editor.[18]

Organizations of Internet Standards

[edit]

The standardization process is divided into three steps:

  1. Proposed standards are standards to be implemented and can be changed at any time
  2. The draft standard was carefully tested in preparation for riverside to form the future Internet standard
  3. Internet standards are mature standards.

There are five Internet standards organizations: the Internet Engineering Task Force (IETF), Internet Society (ISOC), Internet Architecture Board (IAB), Internet Research Task Force (IRTF), World Wide Web Consortium (W3C). All organizations are required to use and express the Internet language in order to remain competitive in the current Internet phase. Some basic aims of the Internet Standards Process are; ensure technical excellence; earlier implementation and testing; perfect, succinct as well as easily understood records.

Creating and improving the Internet Standards is an ongoing effort and Internet Engineering Task Force plays a significant role in this regard. These standards are shaped and available by the Internet Engineering Task Force (IETF). It is the leading Internet standards association that uses well-documented procedures for creating these standards. Once circulated, those standards are made easily accessible without any cost.

Till 1993, the United States federal government was supporting the IETF. Now, the Internet Society's Internet Architecture Board (IAB) supervises it. It is a bottom-up organization that has no formal necessities for affiliation and does not have an official membership procedure either. It watchfully works with the World Wide Web Consortium (W3C) and other standard development organizations. Moreover, it heavily relies on working groups that are constituted and proposed to an Area Director. IETF relies on its working groups for expansion of IETF conditions and strategies with a goal to make the Internet work superior.[19] The working group then operates under the direction of the Area Director and progress an agreement. After the circulation of the proposed charter to the IESG and IAB mailing lists and its approval then it is further forwarded to the public IETF. It is not essential to have the complete agreement of all working groups and adopt the proposal. IETF working groups are only required to recourse to check if the accord is strong.

Likewise, the Working Group produce documents in the arrangement of RFCs which are memorandum containing approaches, deeds, examination as well as innovations suitable to the functioning of the Internet and Internet-linked arrangements. In other words, Requests for Comments (RFCs) are primarily used to mature a standard network protocol that is correlated with network statements. Some RFCs are aimed to produce information while others are required to publish Internet standards. The ultimate form of the RFC converts to the standard and is issued with a numeral. After that, no more comments or variations are acceptable for the concluding form.[20] This process is followed in every area to generate unanimous views about a problem related to the internet and develop internet standards as a solution to different glitches. There are eight common areas on which IETF focus and uses various working groups along with an area director. In the "general" area it works and develops the Internet standards. In "Application" area it concentrates on internet applications such as Web-related protocols. Furthermore, it also works on the development of internet infrastructure in the form of PPP extensions. IETF also establish principles and description standards that encompass the Internet protocol suite (TCP/IP). The Internet Architecture Board (IAB) along with the Internet Research Task Force (IRTF) counterpart the exertion of the IETF using innovative technologies.

The IETF is the standards making organization concentrate on the generation of "standard" stipulations of expertise and their envisioned usage. The IETF concentrates on matters associated with the progress of current Internet and TCP/IP know-how. It is alienated into numerous working groups (WGs), every one of which is accountable for evolving standards and skills in a specific zone, for example routing or security. People in working groups are volunteers and work in fields such as equipment vendors, network operators and different research institutions. Firstly, it works on getting the common consideration of the necessities that the effort should discourse. Then an IETF Working Group is formed and necessities are ventilated in the influential Birds of a Feather (BoF) assemblies at IETF conferences.

Internet Engineering Task Force

[edit]

The Internet Engineering Task Force (IETF) is the premier internet standards organization. It follows an open and well-documented processes for setting internet standards. The resources that the IETF offers include RFCs, internet-drafts, IANA functions, intellectual property rights, standards process, and publishing and accessing RFCs.[21]

RFCs

[edit]
  • Documents that contain technical specifications and notes for the Internet.
  • The acronym RFC came from the phrase "Request For Comments" - this is not used anymore today and is now simply referred to as RFCs.[22]
  • The website RFC Editor is an official archive of internet standards, draft standards, and proposed standards.[23]

Internet Drafts

[edit]
  • Working documents of the IETF and its working groups.[24]
  • Other groups may distribute working documents as Internet-Drafts

Intellectual property rights

[edit]
  • All IETF standards are freely available to view and read, and generally free to implement by anyone without permission or payment.[25]

Standards Process

[edit]
  • The process of creating a standard is straightforward - a specification goes through an extensive review process by the Internet community and revised through experience.[26]

Publishing and accessing RFCs

[edit]
  • Internet-Drafts that successfully completed the review process.
  • Submitted to RFC editor for publication.

Types of Internet Standards

[edit]

There are two ways in which an Internet Standard is formed and can be categorized as one of the following: "de jure" standards and "de facto" standards.[27] A de facto standard becomes a standard through widespread use within the tech community. A de jure standard is formally created by official standard-developing organizations.[27] These standards undergo the Internet Standards Process. Common de jure standards include ASCII, SCSI, and Internet protocol suite.[23]

Internet Standard Specifications

[edit]

Specifications subject to the Internet Standards Process can be categorized into one of the following: Technical Specification (TS) and Applicability Statement (AS).[28] A Technical Specification is a statement describing all relevant aspects of a protocol, service, procedure, convention, or format.[28] This includes its scope and its intent for use, or "domain of applicability". However, a TSs use within the Internet is defined by an Applicability Statement. An AS specifies how, and under what circumstances, TSs may be applied to support a particular Internet capability. An AS identifies the ways in which relevant TSs are combined and specifies the parameters or sub-functions of TS protocols. An AS also describes the domains of applicability of TSs, such as Internet routers, terminal server, or datagram-based database servers.[28] An AS also applies one of the following "requirement levels" to each of the TSs to which it refers:

  • Required: Implementation of the referenced TS is required to achieve interoperability. For example, Internet systems using the Internet Protocol Suite are required to implement IP and ICMP.[28]
  • Recommended:  Implementation of the referenced TS is not required, but is desirable in the domain of applicability of the AS. Inclusion of the functions, features, and protocols of Recommended TSs in the developments of systems is encouraged. For example, the TELNET protocol should be implemented by all systems that intend to use remote access.[28]
  • Elective: Implementation of the referenced TS is optional. The TS is only necessary in a specific environment. For example, the DECNET MIB could be seen as valuable in an environment where the DECNET protocol is used.[28]

Common Standards

[edit]

Web Standards

[edit]

TCP/ IP Model & associated Internet Standards Web standards are a type of internet standard which define aspects of the World Wide Web. They allow for the building and rendering of websites. The three key standards used by the World Wide Web are Hypertext Transfer Protocol, HTML, and URL.[29] Respectively, they specify the transfer of data between a browser and a web server, the content and layout of a web page, and what web page identifiers mean.

Network Standards

[edit]

Network standards are a type of internet standard which defines rules for data communication in networking technologies and processes. Internet standards allow for the communication procedure of a device to or from other devices.

In reference to the TCP/IP Model, common standards and protocols in each layer are as follows:[citation needed]

The future of Internet Standards

[edit]

The Internet has been viewed as an open playground, free for people to use and communities to monitor. However, large companies have shaped and molded it to best fit their needs. The future of internet standards will be no different. Currently, there are widely used but insecure protocols such as the Border Gateway Protocol (BGP) and Domain Name System (DNS).[30]  This reflects common practices that focus more on innovation than security.  Companies have the power to improve these issues.  With the Internet in the hands of the industry, users must depend on businesses to protect vulnerabilities present in these standards.[30]

Ways to make BGP and DNS safer already exist but they are not widespread. For example, there is the existing BGP safeguard called Routing Public Key Infrastructure (RPKI). It is a database of routes that are known to be safe and have been cryptographically signed.[31] Users and companies submit routes and check other users' routes for safety. If it were more widely adopted, more routes could be added and confirmed. However, RPKI is picking up momentum. As of December 2020, tech giant Google registered 99% of its routes with RPKI.[31] They are making it easier for businesses to adopt BGP safeguards. DNS also has a security protocol with a low adoption rate: DNS Security Extensions (DNSSEC). Essentially, at every stage of the DNS lookup process, DNSSEC adds a signature to data to show it has not been tampered with.[32]

Some companies have taken the initiative to secure internet protocols. It is up to the rest to make it more widespread.

See also

[edit]

References

[edit]
  1. ^ Leiba, Barry (January 2008). "An Introduction to Internet Standards". IEEE Internet Computing. 12 (1): 71–74. doi:10.1109/MIC.2008.2. ISSN 1089-7801. S2CID 26168365. Archived from the original on 2022-02-09. Retrieved 2022-02-04.
  2. ^ Cath, Corinne; Floridi, Luciano (April 2017). "The Design of the Internet's Architecture by the Internet Engineering Task Force (IETF) and Human Rights". Science and Engineering Ethics. 23 (2): 449–468. doi:10.1007/s11948-016-9793-y. ISSN 1353-3452. PMID 27255607. S2CID 3613408.
  3. ^ Russell Housley; Dave Crocker; Eric W. Burger (11 October 2011). Reducing the Standards Track to Two Maturity Levels. IETF. doi:10.17487/RFC6410. RFC 6410.
  4. ^ Huitema, C.; Postel, J.; Crocker, S. (1995). "Not All RFCs are Standards". IETF Request for Comments (RFC) Pages - Test. ISSN 2070-1721. Archived from the original on 2018-03-20. Retrieved 2018-03-20.
  5. ^ RFC 7100 Retirement of the "Internet Official Protocol Standards" Summary Document
  6. ^ "A Brief History of the Internet". www.usg.edu. Archived from the original on 2002-02-18. Retrieved 2021-12-08.
  7. ^ "IP Security Protocol (ipsec) -". datatracker.ietf.org. Archived from the original on 2019-09-13. Retrieved 2021-12-08.
  8. ^ "Evolution of HTTP - HTTP | MDN". developer.mozilla.org. Archived from the original on 2023-03-27. Retrieved 2021-12-08.
  9. ^ "Transport Layer Security (TLS) - MDN Web Docs Glossary: Definitions of Web-related terms | MDN". developer.mozilla.org. Archived from the original on 2021-12-08. Retrieved 2021-12-08.
  10. ^ Alani, Mohammed M. (2014), "OSI Model", Guide to OSI and TCP/IP Models, SpringerBriefs in Computer Science, Cham: Springer International Publishing, pp. 5–17, doi:10.1007/978-3-319-05152-9_2, ISBN 978-3-319-05151-2, retrieved 2021-12-08
  11. ^ "What Is UDP | DiverseNet Inc". Archived from the original on 2021-12-08. Retrieved 2021-12-08.
  12. ^ a b Russell Housley; Dave Crocker; Eric W. Burger (11 October 2011). "The Second Maturity Level: Internet Standard". Reducing the Standards Track to Two Maturity Levels. IETF. sec. 2.2. doi:10.17487/RFC6410. RFC 6410. The request for reclassification is sent to the IESG along with an explanation of how the criteria have been met. The criteria are:...
  13. ^ "Characterization of Specifications". Characterization of Proposed Standards. IETF. January 2014. sec. 3. doi:10.17487/RFC7127. RFC 7127. Retrieved March 11, 2016.
  14. ^ "IETF Review of Proposed Standards". Characterization of Proposed Standards. IETF. January 2014. sec. 2. doi:10.17487/RFC7127. RFC 7127. Retrieved March 11, 2016.
  15. ^ Bradner, S. (October 1996). "Standards Actions". The Internet Standards Process -- Revision 3. sec. 6.1. doi:10.17487/rfc2026. RFC 2026.
  16. ^ Russell Housley; Dave Crocker; Eric W. Burger (11 October 2011). "Transition to a Standards Track with Two Maturity Levels". Reducing the Standards Track to Two Maturity Levels. IETF. sec. 2.3. doi:10.17487/RFC6410. RFC 6410.
  17. ^ "Official Internet Protocol Standards". Archived from the original on 2018-03-15. Retrieved 2018-03-19.
  18. ^ RFC 7100
  19. ^ Ma, D.; Mandelberg, D.; Bruijnzeels, T. (August 2018). Simplified Local Internet Number Resource Management with the RPKI (SLURM). doi:10.17487/rfc8416. RFC 8416.
  20. ^ Knieps, Günter (September 2015). "Entrepreneurial Traffic Management and the Internet Engineering Task Force". Journal of Competition Law and Economics. 11 (3): 727–745. doi:10.1093/joclec/nhv018. ISSN 1744-6414.
  21. ^ Society., Internet Engineering Task Force. Internet (2005). IETF journal. Internet Society. OCLC 746928702.
  22. ^ "RFCs". IETF. Archived from the original on 2021-12-06. Retrieved 2021-12-08.
  23. ^ a b Internet Official Protocol Standards. May 2008. doi:10.17487/rfc5000. RFC 5000.
  24. ^ Farrel, A. (April 2014). Handling of Internet-Drafts by IETF Working Groups. doi:10.17487/rfc7221. RFC 7221.
  25. ^ Intellectual Property Rights in IETF Technology. March 2005. doi:10.17487/rfc3979. RFC 3979.
  26. ^ Hovey, R.; Bradner, S. (October 1996). The Organizations Involved in the IETF Standards Process. doi:10.17487/rfc2028. RFC 2028.
  27. ^ a b Nickerson; Muehlen (2006). "The Ecology of Standards Processes: Insights from Internet Standard Making". MIS Quarterly. 30: 467–488. doi:10.2307/25148769. JSTOR 25148769.
  28. ^ a b c d e f Bradner, S. (October 1996). The Internet Standards Process -- Revision 3. doi:10.17487/rfc2026. RFC 2026.
  29. ^ Comer, Douglas (2015). Computer networks and Internets (Sixth ed.). Boston, MA. ISBN 978-0-13-358793-7. OCLC 870649960.{{cite book}}: CS1 maint: location missing publisher (link)
  30. ^ a b Sherman, Justin (1 October 2020). "Mapping Private Sector Influence on the Internet: Starting with Internet Protocols". The Politics of Internet Security: Private Industry and the Future of the Web (Report). Atlantic Council. pp. 4–7. JSTOR resrep26661.5.
  31. ^ a b Newman, Lily Hay. "A Broken Piece of Internet Backbone Might Finally Get Fixed". Wired. ISSN 1059-1028. Retrieved 2021-12-08.
  32. ^ "DNSSEC: An Introduction". The Cloudflare Blog. 2014-10-07. Archived from the original on 2021-12-06. Retrieved 2021-12-08.
[edit]