I-D Action: draft-williams-http-rest-auth-01.txt
internet-drafts@ietf.org Tue, 14 August 2012 02:25 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: i-d-announce@ietfa.amsl.com
Delivered-To: i-d-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF4FA21F8476 for <i-d-announce@ietfa.amsl.com>; Mon, 13 Aug 2012 19:25:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.385
X-Spam-Level:
X-Spam-Status: No, score=-102.385 tagged_above=-999 required=5 tests=[AWL=0.214, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bC-Kpc4x71yX for <i-d-announce@ietfa.amsl.com>; Mon, 13 Aug 2012 19:25:50 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 187BE21F846C for <i-d-announce@ietf.org>; Mon, 13 Aug 2012 19:25:50 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Subject: I-D Action: draft-williams-http-rest-auth-01.txt
X-Test-IDTracker: no
X-IETF-IDTracker: 4.33
Message-ID: <20120814022550.12931.29828.idtracker@ietfa.amsl.com>
Date: Mon, 13 Aug 2012 19:25:50 -0700
X-BeenThere: i-d-announce@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: internet-drafts@ietf.org
List-Id: Internet Draft Announcements only <i-d-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/i-d-announce>
List-Post: <mailto:i-d-announce@ietf.org>
List-Help: <mailto:i-d-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Aug 2012 02:25:50 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : RESTful Authentication Pattern for the Hypertext Transport Protocol (HTTP) Author(s) : Nicolas Williams Filename : draft-williams-http-rest-auth-01.txt Pages : 22 Date : 2012-08-13 Abstract: This document proposes a "RESTful" pattern of authentication for HTTP/1.0, 1.1, and 2.0. The existing 401 status code and WWW- Authenticate header are used to indicate that authentication is required and for negotiation purposes. The client POSTs an initial authentication message to an indicated login URI, and reply messages are returned as new representations of a session resource named by a session URI. This approach has a number of benefits: it can be implemented with or without help from the HTTP stack, it can be universally implemented on the server side using the Common Information Gateway (CGI) and FastCGI, it results in a session Uniform Resource Identifier (URI) that can be DELETEd to logout, it is completely orthogonal to any HTTP "routers" and proxies, and it naturally (i.e., without changing HTTP) handles multi-legged authentication mechanisms. Among other features supported are: channel binding, an optional round trip optimization for challenge/response mechanisms, some cryptographic protection options for clients that don't use Transport Layer Security (TLS), stronger authentication of servers/services to users (where authentication mechanisms provide that) and more. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-williams-http-rest-auth There's also a htmlized version available at: http://tools.ietf.org/html/draft-williams-http-rest-auth-01 A diff from the previous version is available at: http://www.ietf.org/rfcdiff?url2=draft-williams-http-rest-auth-01 Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/
- I-D Action: draft-williams-http-rest-auth-01.txt internet-drafts