RFC 2119 - DeveloPassion

# RFC 2119 RFC 2119, titled "Key words for use in RFCs to Indicate Requirement Levels", is a Best Current Practice (BCP 14) document published by the IETF in March 1997. It defines how certain capitalized words should be interpreted in technical specifications and standards documents. ## Purpose In many standards track documents, several words are used to signify the requirements in the specification. These words are often capitalized. RFC 2119 defines these words as they should be interpreted in IETF documents. ## Standard Boilerplate Authors who follow these guidelines should incorporate this phrase near the beginning of their document: > The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119. ## Key Words Defined ### MUST / REQUIRED / SHALL This word, or the terms "REQUIRED" or "SHALL", mean that the definition is an **absolute requirement** of the specification. ### MUST NOT / SHALL NOT This phrase, or the phrase "SHALL NOT", mean that the definition is an **absolute prohibition** of the specification. ### SHOULD / RECOMMENDED This word, or the adjective "RECOMMENDED", mean that there may exist valid reasons in particular circumstances to ignore a particular item, but the full implications must be understood and carefully weighed before choosing a different course. ### SHOULD NOT / NOT RECOMMENDED This phrase, or the phrase "NOT RECOMMENDED" mean that there may exist valid reasons in particular circumstances when the particular behavior is acceptable or even useful, but the full implications should be understood and the case carefully weighed before implementing any behavior described with this label. ### MAY / OPTIONAL This word, or the adjective "OPTIONAL", mean that an item is truly optional. One vendor may choose to include the item because a particular marketplace requires it or because the vendor feels that it enhances the product while another vendor may omit the same item. An implementation which does not include a particular option MUST be prepared to interoperate with another implementation which does include the option, though perhaps with reduced functionality. ## Guidance for Use Imperatives of the type defined in RFC 2119 must be used with care and sparingly. In particular, they MUST only be used where it is actually required for interoperation or to limit behavior which has potential for causing harm (e.g., limiting retransmissions). They must not be used to try to impose a particular method on implementors where the method is not required for interoperability. ## Security Considerations These terms are frequently used to specify behavior with security implications. The effects on security of not implementing a MUST or SHOULD, or doing something the specification says MUST NOT or SHOULD NOT be done may be very subtle. Document authors should take the time to elaborate the security implications of not following recommendations or requirements. ## Metadata - **Author:** [[Scott Bradner]] (Harvard University) - **Published:** March 1997 - **Category:** Best Current Practice (BCP 14) - **Updated by:** RFC 8174 ## References - https://www.rfc-editor.org/rfc/rfc2119 - https://datatracker.ietf.org/doc/rfc2119