To be fair, security wasn’t even a consideration until RFCs were well into triple digits. We’re still very early, as they say.

> I have not seen a single "AI company" propose an RFC that was reviewed by the IETF and became a proper internet standard.

Why would the IETF have anything to do with LLM/agent standards? This seems like a category error. They also don’t ratify web standards, for example.