draft-schinazi-httpbis-transport-auth at IETF 114 from David Schinazi on 2022-07-11 (ietf-http-wg@w3.org from July to September 2022)

From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Mon, 11 Jul 2022 09:45:44 -0700
To: HTTP Working Group <ietf-http-wg@w3.org>, Mark Nottingham <mnot@mnot.net>, Tommy Pauly <tpauly@apple.com>
Cc: David Oliver <david@guardianproject.info>
Message-ID: <CAPDSy+4YQ=eNFM_V2mbX-y=dc7n2kpTpnCDYi2CmYbJpMwdqJQ@mail.gmail.com>

Hi HTTP enthusiasts,

You might remember draft-schinazi-httpbis-transport-auth from the early
days of MASQUE. Since then we had somewhat shelved it while focusing on the
other MASQUE specs, but now David Oliver has joined me as co-author and his
team built an independent implementation. We're interested in progressing
this document, and think it is in charter for HTTPBIS. I just submitted a
new revision that significantly updates the draft now that I
understand HTTP better than I did when this was first written.

The short summary is that this draft presents a new HTTP authentication
mechanism that has two key features: (1) it supports symmetric and
asymmetric cryptographic keys and (2) it is probe-resistant; i.e. it allows
the server to hide the fact that it serves resources that require
authentication.

Chairs, would it be possible to have a little bit of agenda time in HTTPBIS
at IETF 114 to present it to the WG please? 5 minutes presentation and 5
minutes questions should be enough.

https://datatracker.ietf.org/doc/draft-schinazi-httpbis-transport-auth/

Thanks,
David

Received on Monday, 11 July 2022 16:53:27 UTC