Re: [http-auth] [httpauth] Mutual authentication proposal

Yutaka OIWA <y.oiwa@aist.go.jp> Wed, 13 June 2012 03:50 UTC

In-Reply-To: <CAMeZVwvgsMdY_EMyODzTAbZrWxp=GQpj_y=mLOZoyOx24-XevQ@mail.gmail.com>
References: <CAMeZVwuGYZqoZOH1hvc=-YWFKUizjMJmj+=c3ZkgswdYYP3pxw@mail.gmail.com> <CAMeZVwvgsMdY_EMyODzTAbZrWxp=GQpj_y=mLOZoyOx24-XevQ@mail.gmail.com>
From: Yutaka OIWA <y.oiwa@aist.go.jp>
Date: Wed, 13 Jun 2012 12:49:59 +0900
Message-ID: <CAMeZVwsUmBVDYduXh06gy-FzBiyyP=B=HRvWFYkaZ5xtxqMr9Q@mail.gmail.com>
To: HTTP Working Group <ietf-http-wg@w3.org>, "http-auth@ietf.org" <http-auth@ietf.org>
Subject: Re: [http-auth] [httpauth] Mutual authentication proposal

I put a document about some design decisions of
our protocol on the wiki.

It is available from
http://trac.tools.ietf.org/wg/httpbis/trac/wiki/HttpAuthProposals/MutualAuth/LayeringDesigns

Hope this will help you understand how things work.

2012/6/5 Yutaka OIWA <y.oiwa@aist.go.jp>:
> Dear all,
>
> I created Wiki pages for my proposals:
>
> http://trac.tools.ietf.org/wg/httpbis/trac/wiki/HttpAuthProposals/MutualAuth
> http://trac.tools.ietf.org/wg/httpbis/trac/wiki/HttpAuthProposals/AuthExtension
>
> I hope you will find the information helpful.
>
> Cheers,
>
> Yutaka
>
> 2012/6/4 Yutaka OIWA <y.oiwa@aist.go.jp>:
>> Dear all,
>>
>> With a few corrections from the May-21st draft,
>> I submitted the HTTP Mutual authentication draft as an httpbis proposal.
>>
>> The proposal consists of two parts:
>>
>> <http://www.ietf.org/id/draft-oiwa-httpbis-mutualauth-00.txt>
>> is the core proposal for HTTP Mutual authentication,
>> using RFC 2617 architecture.
>>
>> <http://www.ietf.org/id/draft-oiwa-httpbis-auth-extension-00.txt>
>> is the important companion draft for generic extensions
>> which makes HTTP authentication useful again with
>> many Web applications.
>>
>> The proposal is (both documents are) HTTP/1.1 compatible, and
>> as far as core HTTP request/response semantics are kept,
>> it should work with future HTTP/2.0, too.
>>
>> I will set up wiki pages for these around tomorrow or so.
>> It will include information on available reference implementations,
>> some more introductions and so on.
>> I hope you will enjoy the proposed solution.
>>
>> Following previous suggestions on http-auth, crypto primitive choices
>> are kept for future discussions.  One of the primitive candidates,
>> which is now for an "example" or "reference" purpose,
>> is available as an "individual" draft at
>> <http://tools.ietf.org/html/draft-oiwa-http-mutualauth-algo-02>.
>> To implement the core proposal now, please refer to this, too.
>>
>>
>> P. S.
>> I also incremented the individual draft revisions for book-keeping purposes.
>> (One of these depends on the revision numbers embedded in the protocol.)
>> The contents of these are exactly the same as the httpbis-proposed versions.
>>



-- 
Yutaka OIWA, Ph.D.              Leader, Software Reliability Research Group
                             Research Institute for Secure Systems (RISEC)
   National Institute of Advanced Industrial Science and Technology (AIST)
                     Mail addresses: <y.oiwa@aist.go.jp>, <yutaka@oiwa.jp>
OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D  3139 8677 9BD2 4405 46B5]