[apps-discuss] Updated HTTP Mutual authentication draft

Yutaka OIWA <y.oiwa@aist.go.jp> Tue, 05 July 2011 14:17 UTC

Return-Path: <y.oiwa@aist.go.jp>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 5392911E80AB; Tue, 5 Jul 2011 07:17:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.09
X-Spam-Status: No, score=-0.09 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id wiwgka5xyqtU; Tue, 5 Jul 2011 07:17:52 -0700 (PDT)
Received: from mx1.aist.go.jp (mx1.aist.go.jp []) by ietfa.amsl.com (Postfix) with ESMTP id 44BA221F858D; Tue, 5 Jul 2011 07:17:52 -0700 (PDT)
Received: from rqsmtp1.aist.go.jp (rqsmtp1.aist.go.jp []) by mx1.aist.go.jp with ESMTP id p65EHowH000254; Tue, 5 Jul 2011 23:17:50 +0900 (JST) env-from (y.oiwa@aist.go.jp)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=aist.go.jp; s=aist; t=1309875470; bh=oGEyCnG3lyoDz1cydQMKppf/N7+0bxcT6RXYlSRAlQk=; h=From:Date:Message-ID; b=RZV9ehmEFqApeDSxnRRKhyH4XdahyyF6mXUzo2rRB24GHFmOsz0I8noEZ+WMIEUZ+ UEBwNBPs1qIIph+O5uOVGxNeWJ+kkh3p9f4+e3mmqwKhe3IKu6f0W0nSzgnZHDiskw cxmgqZMMKZphXqNB2LtM0nE3M1I+mpbD/sVYSqoE=
Received: from smtp3.aist.go.jp by rqsmtp1.aist.go.jp with ESMTP id p65EHoYa003048; Tue, 5 Jul 2011 23:17:50 +0900 (JST) env-from (y.oiwa@aist.go.jp)
Received: by smtp3.aist.go.jp with ESMTP id p65EHnVF015625; Tue, 5 Jul 2011 23:17:49 +0900 (JST) env-from (y.oiwa@aist.go.jp)
To: IETF HTTP-auth Mailing List <http-auth@ietf.org>
From: Yutaka OIWA <y.oiwa@aist.go.jp>
Date: Tue, 05 Jul 2011 23:17:49 +0900
Message-ID: <877h7w24mq.fsf@bluewind.rcis.aist.go.jp>
User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: saag <saag@ietf.org>, apps-discuss <apps-discuss@ietf.org>
Subject: [apps-discuss] Updated HTTP Mutual authentication draft
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: IETF HTTP-auth Mailing List <http-auth@ietf.org>
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jul 2011 14:17:53 -0000

I've updated the http Mutual authentication proposal draft.

As suggested at Prague Bar-BoF, now I split out the cryptography part
from the core protocol part.  Current status of separation is a bit
technical and sloppy, I will improve some non-technical sections
such as introduction to make it more natural in the future.

In the next stage I'd also like to re-examine the http-auth extension
(optional auth and detailed auth control) part and separate it to
another draft, possibly after Quebec.

The drafts are now available at



Yutaka OIWA, Ph.D.                                       Research Scientist
                            Research Center for Information Security (RCIS)
    National Institute of Advanced Industrial Science and Technology (AIST)
                      Mail addresses: <y.oiwa@aist.go.jp>jp>, <yutaka@oiwa.jp>
OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D  3139 8677 9BD2 4405 46B5]