W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2012

[httpauth] Mutual authentication proposal

From: Yutaka OIWA <y.oiwa@aist.go.jp>
Date: Mon, 4 Jun 2012 23:27:55 +0900
Message-ID: <CAMeZVwuGYZqoZOH1hvc=-YWFKUizjMJmj+=c3ZkgswdYYP3pxw@mail.gmail.com>
To: HTTP Working Group <ietf-http-wg@w3.org>, "http-auth@ietf.org" <http-auth@ietf.org>
Dear all,

with a few corrections from the May-21st draft,
I submitted the HTTP Mutual authentication draft as an httpbis proposal.

The proposal consists of two parts:

is the core proposal for HTTP Mutual authentication,
using RFC 2617 architecture.

is the important companion draft for generic extensions
which makes HTTP authentication useful again with
many Web applications.

The proposal is (both documents are) HTTP/1.1 compatible, and
as far as core HTTP request/response semantics are kept,
it should work with future HTTP/2.0, too.

I will set up wiki pages for these around tomorrow or so.
It will include information on available reference implementations,
some more introductions and so on.
I hope you will enjoy the proposed solution.

Following previous suggestions on http-auth, crypto primitive choices
are kept for future discussions.  One of primitive candidates,
which is now for an "example" or "reference" purpose,
is available as an "individual" draft at
To implement the core proposal now, please refer this, too.

P. S.
I also incremented the individual draft revisions for book-keeping purpose.
(One of these depends on the revision numbers embedded to the protocol).
Contents of these are exactly the same as httpbis-proposed versions.

Yutaka OIWA, Ph.D.              Leader, Software Reliability Research Group
                             Research Institute for Secure Systems (RISEC)
   National Institute of Advanced Industrial Science and Technology (AIST)
                     Mail addresses: <y.oiwa@aist.go.jp>, <yutaka@oiwa.jp>
OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D  3139 8677 9BD2 4405 46B5]
Received on Monday, 4 June 2012 14:29:40 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:00 UTC