[http-auth] RFC 8120 on Mutual Authentication Protocol for HTTP

rfc-editor@rfc-editor.org Tue, 11 April 2017 23:12 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D524126C22; Tue, 11 Apr 2017 16:12:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.202
X-Spam-Level:
X-Spam-Status: No, score=-4.202 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NrYHbMIpKwI4; Tue, 11 Apr 2017 16:12:20 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B615D1201F8; Tue, 11 Apr 2017 16:12:20 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 6CC51B8114B; Tue, 11 Apr 2017 16:12:16 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
X-PHP-Originating-Script: 1005:ams_util_lib.php
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org, http-auth@ietf.org
Message-Id: <20170411231216.6CC51B8114B@rfc-editor.org>
Date: Tue, 11 Apr 2017 16:12:16 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/http-auth/rv6tmfkSgB2hJz1tbzM8sMCGu9o>
Subject: [http-auth] RFC 8120 on Mutual Authentication Protocol for HTTP
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/http-auth/>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Apr 2017 23:12:22 -0000

A new Request for Comments is now available in online RFC libraries.

        
        RFC 8120

        Title:      Mutual Authentication Protocol for HTTP 
        Author:     Y. Oiwa, H. Watanabe,
                    H. Takagi, K. Maeda,
                    T. Hayashi, Y. Ioku
        Status:     Experimental
        Stream:     IETF
        Date:       April 2017
        Mailbox:    y.oiwa@aist.go.jp, 
                    h-watanabe@aist.go.jp, 
                    takagi.hiromitsu@aist.go.jp, 
                    kaorumaeda.ml@gmail.com, 
                    hayashi@lepidum.co.jp,
                    mutual-work@ioku.org
        Pages:      53
        Characters: 119330
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-httpauth-mutual-11.txt

        URL:        https://www.rfc-editor.org/info/rfc8120

        DOI:        10.17487/RFC8120

This document specifies an authentication scheme for the Hypertext
Transfer Protocol (HTTP) that is referred to as either the Mutual
authentication scheme or the Mutual authentication protocol.  This
scheme provides true mutual authentication between an HTTP client and
an HTTP server using password-based authentication.  Unlike the Basic
and Digest authentication schemes, the Mutual authentication scheme
specified in this document assures the user that the server truly
knows the user's encrypted password.

This document is a product of the Hypertext Transfer Protocol Authentication Working Group of the IETF.


EXPERIMENTAL: This memo defines an Experimental Protocol for the
Internet community.  It does not specify an Internet standard of any
kind. Discussion and suggestions for improvement are requested.
Distribution of this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC