Skip to main content

About RFCs

RFCs are the core output of the IETF.

The IETF publishes its technical documentation as RFCs, an acronym for their historical title *Requests for Comments*. They define the Internet's technical foundations, such as addressing, routing and transport technologies. They recommend operational best practice and specify application protocols that are used to deliver services used by billions of people every day.

RFCs are freely available and software developers, hardware manufacturers, and network operators around the world voluntarily implement and adopt the technical specifications described by RFCs.

RFCs are sequentially numbered, starting with RFC 1 published in 1969 (the RFC series predates the IETF). Today, there are more than 9000 individually numbered documents in the series. Each RFC has a status, generally one of 'Internet Standard', 'Proposed Standard', 'Informational', 'Experimental' or 'Historic'. Some statuses may change over time.

The RFC series has two sub-series, STDs and BCPs, with each numbered STD and BCP comprising one or more RFCs. STDs are 'Internet Standard' RFCs and BCPs are RFCs that describe Best Current Practices in the Internet, some of which are administrative processes for the IETF.

Once an RFC is published, it is never revised. If the specification it describes changes, the standard will be re-published in another RFC that "obsoletes" the first. If a technical or editorial error is found in an RFC, an errata may be linked to the RFC and/or held for the next document update.

The authoritative repository of RFCs is the RFC Editor website. The IETF Datatracker provides transparency on the process that resulted in the publication of each RFC.

The IETF recognizes that security vulnerabilities will be discovered in IETF protocols and welcomes their critical evaluation by researchers. If you believe that you have discovered a vulnerability in an IETF protocol then please follow our guidance on how to report vulnerabilities.