Re: [httpauth] Mutual authentication proposal from Yutaka OIWA on 2012-06-05 (ietf-http-wg@w3.org from April to June 2012)

From: Yutaka OIWA <y.oiwa@aist.go.jp>
Date: Tue, 5 Jun 2012 14:27:56 +0900
To: HTTP Working Group <ietf-http-wg@w3.org>, "http-auth@ietf.org" <http-auth@ietf.org>
Message-ID: <CAMeZVwvgsMdY_EMyODzTAbZrWxp=GQpj_y=mLOZoyOx24-XevQ@mail.gmail.com>

Dear all,

I created Wiki pages for my proposals:

http://trac.tools.ietf.org/wg/httpbis/trac/wiki/HttpAuthProposals/MutualAuth
http://trac.tools.ietf.org/wg/httpbis/trac/wiki/HttpAuthProposals/AuthExtension

I hope you will feel the information helpful.

Cheers,

Yutaka

2012/6/4 Yutaka OIWA <y.oiwa@aist.go.jp>:
> Dear all,
>
> with a few corrections from the May-21st draft,
> I submitted the HTTP Mutual authentication draft as an httpbis proposal.
>
> The proposal consists of two parts:
>
> <http://www.ietf.org/id/draft-oiwa-httpbis-mutualauth-00.txt>
> is the core proposal for HTTP Mutual authentication,
> using RFC 2617 architecture.
>
> <http://www.ietf.org/id/draft-oiwa-httpbis-auth-extension-00.txt>
> is the important companion draft for generic extensions
> which makes HTTP authentication useful again with
> many Web applications.
>
> The proposal is (both documents are) HTTP/1.1 compatible, and
> as far as core HTTP request/response semantics are kept,
> it should work with future HTTP/2.0, too.
>
> I will set up wiki pages for these around tomorrow or so.
> It will include information on available reference implementations,
> some more introductions and so on.
> I hope you will enjoy the proposed solution.
>
> Following previous suggestions on http-auth, crypto primitive choices
> are kept for future discussions.  One of primitive candidates,
> which is now for an "example" or "reference" purpose,
> is available as an "individual" draft at
> <http://tools.ietf.org/html/draft-oiwa-http-mutualauth-algo-02>.
> To implement the core proposal now, please refer this, too.
>
>
> P. S.
> I also incremented the individual draft revisions for book-keeping purpose.
> (One of these depends on the revision numbers embedded to the protocol).
> Contents of these are exactly the same as httpbis-proposed versions.
>
> --
> Yutaka OIWA, Ph.D.              Leader, Software Reliability Research Group
>                              Research Institute for Secure Systems (RISEC)
>    National Institute of Advanced Industrial Science and Technology (AIST)
>                      Mail addresses: <y.oiwa@aist.go.jp>, <yutaka@oiwa.jp>
> OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D  3139 8677 9BD2 4405 46B5]



-- 
Yutaka OIWA, Ph.D.              Leader, Software Reliability Research Group
                             Research Institute for Secure Systems (RISEC)
   National Institute of Advanced Industrial Science and Technology (AIST)
                     Mail addresses: <y.oiwa@aist.go.jp>, <yutaka@oiwa.jp>
OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D  3139 8677 9BD2 4405 46B5]

Received on Tuesday, 5 June 2012 05:28:41 UTC