[http-auth] HOBA Client and Server(RFC 7486)
Andrew Mcconachie <andrew.mcconachie@icann.org> Tue, 17 May 2016 20:55 UTC
Return-Path: <andrew.mcconachie@icann.org>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D54312D11C for <http-auth@ietfa.amsl.com>; Tue, 17 May 2016 13:55:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.626
X-Spam-Level:
X-Spam-Status: No, score=-5.626 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ww4MFj73aGX6 for <http-auth@ietfa.amsl.com>; Tue, 17 May 2016 13:55:36 -0700 (PDT)
Received: from out.west.pexch112.icann.org (pfe112-ca-2.pexch112.icann.org [64.78.40.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 227F312D979 for <http-auth@ietf.org>; Tue, 17 May 2016 13:55:36 -0700 (PDT)
Received: from PMBX112-W1-CA-1.pexch112.icann.org (64.78.40.21) by PMBX112-W1-CA-1.pexch112.icann.org (64.78.40.21) with Microsoft SMTP Server (TLS) id 15.0.1130.7; Tue, 17 May 2016 13:55:34 -0700
Received: from PMBX112-W1-CA-1.pexch112.icann.org ([64.78.40.21]) by PMBX112-W1-CA-1.PEXCH112.ICANN.ORG ([64.78.40.21]) with mapi id 15.00.1130.005; Tue, 17 May 2016 13:55:34 -0700
From: Andrew Mcconachie <andrew.mcconachie@icann.org>
To: "http-auth@ietf.org" <http-auth@ietf.org>
Thread-Topic: HOBA Client and Server(RFC 7486)
Thread-Index: AQHRsH50dtV2Kd5fE0usauGCmBvgJw==
Date: Tue, 17 May 2016 20:55:32 +0000
Message-ID: <F5235CE2-1EDA-4B1A-9502-6E873C3734CF@icann.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [192.0.47.234]
Content-Type: multipart/alternative; boundary="_000_F5235CE21EDA4B1A95026E873C3734CFicannorg_"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/http-auth/pnQLiEnM32GpdV8s70P4LmfrkUg>
Subject: [http-auth] HOBA Client and Server(RFC 7486)
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/http-auth/>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 May 2016 20:55:37 -0000
I’ve written a HOBA client and server. Both are licensed under GPLv3. The client is a Firefox plugin that can be downloaded here: https://addons.mozilla.org/en-US/firefox/addon/hoba/ The server lives here currently: https://synonomic.com/hoba Code for both is on Github: https://github.com/smutt/HOBA https://github.com/smutt/HOBA-server Neither client nor server are going to win any awards for UI design :) They’re both rather ugly, but they work. I did some things slightly differently than RFC 7486. The biggest difference is that I used JWK for public key format instead of PEM. There are a few other little things as well. This was a personal project unrelated to my day job. --Andrew
- [http-auth] HOBA Client and Server(RFC 7486) Andrew Mcconachie
- Re: [http-auth] HOBA Client and Server(RFC 7486) Stephen Farrell