Some RFCs relevant for my purposes
793 Transmission Control Protocol
This seems to be the TCP in
TCP/IP
1123 Requirements for Internet Hosts -- Application and Support
Section 5.2.14 changes RFC 822 (Date and Time Specification)
1345 Character Mnemonics and Character Sets
1421 Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures
Definition of message encryption and authentication procedures, in order to provide privacy-enhanced mail (PEM) services for electronic mail transfer in the Internet.
See also RFC 4716
1630 Universal Resource Identifiers in WWW: A Unifying Syntax for the Expression of Names and Addresses of Objects on the Network as used in the World-Wide Web
See also
RFC 1738, RFC 3986, RFC 4248, RFC 4266
1510 The Kerberos Network Authentication Service (V5)
Obsoleted by RFC 6649
1738 Uniform Resource Locators (URL)
Obsoleted by RFC 4248 (The telnet URI Scheme), RFC 4266 (The gopher URI Scheme)
Updated by RFC 1808, RFC 2368, RFC 2396, RFC 3986, RFC 6196, RFC 6270, RFC 8089
1766 Tags for the Identification of Languages
Obsoleted by RFC 3066 and RFC 3282
1818 Best Current Practice
1939 Post Office Protocol - Version 3
Obsoletes RFC 1725
Updated by RFC 1957, RFC 2449,
1945 Hypertext Transfer Protocol -- HTTP/1.0
See also RFC 2616
1950 ZLIB Compressed Data Format Specification version 3.3
Describes the
zlib header and trailer format.
1951 DEFLATE Compressed Data Format Specification version 1.3
Describes the deflate compressed data format.
1952 GZIP file format specification version 4.3
Describes the gzip header and trailer format.
1964 The Kerberos Version 5 GSS-API Mechanism
2046 Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types
Obsoletes RFC 1521, RFC 1522, RFC 1590
Updated by RFC 2646, RFC 3798, RFC 5147, RFC 6657, RFC 8098
RFC2046 specifies that
Media Types (formerly known as
MIME types) and
Media Subtypes will be assigned and listed by the IANA.
2069 An Extension to HTTP : Digest Access Authentication
Obsoleted by RFC 2617
2104 HMAC: Keyed-Hashing for Message Authentication
2109 HTTP State Management Mechanism
Allegedly, RFC 2109 (as well as also
RFC 2965) have been ignored by almost everyone (and are obsolete anyway).
2181 Clarifications to the DNS Specification
2396 Uniform Resource Identifiers (URI): Generic Syntax
Obsoleted by RFC 3986, Updates RFC 1808, RFC 1738, Updated by RFC 2732
2397 The "data" URL scheme
The data URL scheme allows inclusion of small data items as »immediate« data, as if it had been included externally.
2616 Hypertext Transfer Protocol -- HTTP/1.1
Obsoletes RFC 2068
Updated by RFC 2817, RFC 5785, RFC 6266, RFC 6585
See also RFC 1945
2617 HTTP Authentication: Basic and Digest Access Authentication
Obsoletes RFC 2069
Obsoleted by
- RFC 7235 (Hypertext Transfer Protocol (HTTP/1.1): Authentication)
- RFC 7615 (HTTP Authentication-Info and Proxy-Authentication-Info Response Header Fields)
- RFC 7616 (HTTP Digest Access Authentication)
- RFC 7617 (The 'Basic' HTTP Authentication Scheme)
2693 SPKI Certificate Theory
2822 Email Submission Operations: Access and Accountability Requirements
2898 PKCS 5: Password-Based Cryptography Specification Version 2.0
Obsoleted by RFC 8018
2986 PKCS 10: Certification Request Syntax Specification Version 1.7
Updated by RFC 5967. Obsoletes RFC 2314
2965 HTTP State Management Mechanism
RFC 2965 defines three new
HTTP headers:
-
Cookie
-
Cookie2
(deprecated in RFC 6265)
-
Set-Cookie2
(also deprecated in RFC 6265)
RFC 2965 reflects implementation experience with
RFC 2109 and obsoletes it.
Allegedly, RFC 2965 (as well as also
RFC 2109) have been ignored by almost everyone (and are obsolete anyway).
3066 Tags for the Identification of Languages
Obsoletes 1766, obsoleted by
RFC 4646 and RFC 4647
3092 Etymology of "Foo"
Dated April 1st, 2001.
3339 Date and Time on the Internet: Timestamps
3629 UTF-8, a transformation format of ISO 10646
RFC 3629 obsoletes RFC 2279.
3875 The Common Gateway Interface (CGI) Version 1.1
3986 Uniform Resource Identifier (URI): Generic Syntax
Obsoletes RFC 2732, RFC 2396, RFC 1808
Updates RFC 1738
Updated by RFC 6874, RFC 7320
See also RFC 1630
3987 Internationalized Resource Identifiers (IRIs)
4086 Randomness Requirements for Security
Techniques for producing (pseudo-)random numbers suitable for software cryptographic systems.
4120 The Kerberos Network Authentication Service (V5)
4122 A Universally Unique IDentifier (UUID) URN Namespace
RFC 4122 specifies a
Uniform Resource Name namespace for UUIDs (Universally Unique IDentifiers), also known as GUIDs (Globally Unique IDentifiers).
4226 HOTP: An HMAC-Based One-Time Password Algorithm
Generation of HMAC (Hashed Message Authentication Code) one-time password generation algorithm (= HOTP).
A HOTP is essential for 2FA.
4248 The telnet URI Scheme
Obsoletes RFC 1738
4253 The Secure Shell (SSH) Transport Layer Protocol
Description of the
SSH transport layer protocol.
4266 The gopher URI Scheme
Obsoletes RFC 1738
4511 Lightweight Directory Access Protocol (LDAP): The Protocol
Obsoletes 2251, 2830, 3771
4559 SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows
RFC 4559 describes how the Microsoft Internet Explorer (MSIE) and Internet Information Services (IIS) incorporated in Microsoft Windows 2000 use
Kerberos for security enhancements of web transactions.
4627 The application/json Media Type for JavaScript Object Notation (JSON)
This RFC registered the
media type application/json
.
4646 Tags for Identifying Languages
4648 The Base16, Base32, and Base64 Data Encodings
RFC 4648 describes the
Base64, Base 32 and Base 16 encoding schemes.
RFC 4648 obsoletes RFC 3548
4716 The Secure Shell (SSH) Public Key File Format
In the context of the
SSH protocol, this RFC describes
- an existing public key file format that can be used with any of the common existing file transfer mechanisms in order to exchange public keys.
- a mechanism for creating a short text string that uniquely represents a particular public key, called fingerprinting.
See also RFC 1421
4880 OpenPGP Message Format
Obsoletes 1991, 2440
Updated by 5581
5234 Augmented BNF for Syntax Specifications: ABNF
See also
EBNF, RFCs 7405 and 4234
5280 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
Updated by RFCs 6818, 8398 and 8399.
5323 Web Distributed Authoring and Versioning (WebDAV) SEARCH
RFC 5323 defines Web Distributed Authoring and Versioning (WebDAV) SEARCH, an application of HTTP/1.1 forming a lightweight search protocol to transport queries and result sets that allows clients to make use of server-side search facilities.
5689 Extended MKCOL for Web Distributed Authoring and Versioning (WebDAV)
5849 The OAuth 1.0 Protocol
Obsoleted by RFC 6749
5988 Web Linking
RFC 5988
- specifies relation types for Web links and
- defines a registry for them and also
- defines the use of such links in HTTP headers with the Link header field.
6238 TOTP: Time-Based One-Time Password Algorithm
Description of an extension to the HMAC-based One-Time Password (HOTP) algorithm (
RFC 4226), to support the time-based moving factor.
6265 HTTP State Management Mechanism
RFC 6265 defines the header
HTTP header fields
Cookie
and
Set-Cookie
.
These header fields can be used by HTTP servers to store state (called cookies) at
user agents, letting the servers maintain a stateful session over the mostly stateless HTTP protocol.
RFC 6265 explicitly allowed user agents to implement whichever third-party cookie policy they wished.
Until the late 1990s, allowing third-party cookies was the default policy implemented by most major browser vendors.
6455 The WebSocket Protocol
The goal of the
WebSocket protocol is to provide a mechanism for
browser-based applications that need two-way communication with servers that does not rely on opening multiple
HTTP connections.
Compare with
XMLHttpRequest
,
<iframe>
and
long polling.
6648 Deprecating the "X-" Prefix and Similar Constructs in Application Protocols
6649 Deprecate DES, RC4-HMAC-EXP, and Other Weak Cryptographic Algorithms in Kerberos
RFC 6649 obsoletes RFC 1510
6749 The OAuth 2.0 Authorization Framework
Obsoletes RFC 5849
OAuth 2.0 focuses on simplicity for the developer.
6797 HTTP Strict Transport Security (HSTS)
Specification for web servers using the
Strict-Transport-Security
HTTP response header to declare that they want to be accessible only via secure connections and/or for users to be able to direct their user agent(s) to interact with given sites only over secure connections.
HSTS is concerned with the following
threat classes
- passive network attackers,
- active network attackers, and
- imperfect web developers.
HSTS is
explicitely not a remedy against the following threats:
6818 Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
See also RFC 5280
6839 Additional Media Type Structured Syntax Suffixes
Updates RFC 3023
Updated by RFC 7303
7158 The JavaScript Object Notation (JSON) Data Interchange Format
7159 The JavaScript Object Notation (JSON) Data Interchange Format
7230 Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing
Obsoletes RFC 2145, RFC 2616
Updates RFC 2817, RFC 2818
7231 Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content
Obsoletes RFC 2616, Updates RFC 2817
7232 Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests
Obsoletes RFC 2616
7233 Hypertext Transfer Protocol (HTTP/1.1): Range Requests
Obsoletes RFC 2616
7234 Hypertext Transfer Protocol (HTTP/1.1): Caching
Obsoletes RFC 2616
7235 Hypertext Transfer Protocol (HTTP/1.1): Authentication
Obsoletes RFC 2616, RFC 2617 (HTTP Authentication: Basic and Digest Access Authentication)
7540 Hypertext Transfer Protocol Version 2 (HTTP/2)
RFC 7540 describes HTTP/2 which is an optimized expression of the semantics of the Hypertext Transfer Protocol (HTTP),
7578 Returning Values from Forms: multipart/form-data
This specification defines the multipart/form-data
media type.
RFC 7578 obsoletes RFC 2388.
7615 HTTP Authentication-Info and Proxy-Authentication-Info Response Header Fields
Obsoletes RFC 2617
7616 HTTP Digest Access Authentication
Obsoletes RFC 2617
7617 The 'Basic' HTTP Authentication Scheme
RFC 7617 defines the
Basic
HTTP authentication scheme which transmits
credentials as user-id/password pairs, encoded using
Base64.
Obsoletes RFC 2617
7725 An HTTP Status Code to Report Legal Obstacles
RFC 7725 specifies a
HTTP status code when resource access is denied as a consequence of legal demands.
7946 The GeoJSON Format
Abstract:
GeoJSON is a geospatial data interchange format based on JavaScript Object Notation (JSON). It defines several types of JSON objects and the manner in which they are combined to represent data about geographic features, their properties, and their spatial extents. GeoJSON uses a geographic coordinate reference system, World Geodetic System 1984, and units of decimal degrees.
See also the function
geosjon
of the Oracle package
dbms_json
.
8018 PKCS 5: Password-Based Cryptography Specification Version 2.1
Obsoletes RFC 2898
8259 The JavaScript Object Notation (JSON) Data Interchange Format
8446 The Transport Layer Security (TLS) Protocol Version 1.3
8555 Automatic Certificate Management Environment (ACME)
The ACME protocol is used, for example, in conjunction with
Let's Encrypt.
8693 OAuth 2.0 Token Exchange
RFC 8693 specifies a protocol for an
HTTP- and
JSON-based
Security Token Service (STS).
An HTTP client and a
JSON parser is sufficient to implement RFC 8693.
9000 QUIC: A UDP-Based Multiplexed and Secure Transport
QUIC is a secure general-purpose transport protocol, allegedly more performant than TCP.
QUIC includes security features so that it does not require other protocols such as TLS.
QUIC identifies a connection by a unique id, not by IP addresses. Thus, a download can continue even when switching between Wi-Fi and mobile networks.
QUIC is supported by
nginx since version 1.25.0.