Trust by users in security and privacy on the Internet is a critical part of its success. A range of components, including robust implementations, careful deployment, and appropriate use of security technologies, is required to create a trusted Internet.
Technical standards and Best Current Practice documents developed in the IETF provide important foundational elements for security and privacy on the Internet. IETF standards strive to be resilient against a host of known and emerging threats. Internet security has long been an integral part of the process of developing Internet standards: for more than 20 years, all RFCs have been required to include a section that discusses the security considerations of the protocol or procedures that are the main topic of the RFC.
The IETF Security Directorate, consisting of the Working Group Chairs of the Security Area and selected individuals chosen for their technical knowledge in security, work with other groups within the IETF to help ensure IETF protocols provide an appropriate level of security for their intended usage.
A few recent and current efforts underway in the IETF are described below: