I-D Action: draft-oiwa-http-mutualauth-11.txt
internet-drafts@ietf.org Fri, 18 May 2012 15:29 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: i-d-announce@ietfa.amsl.com
Delivered-To: i-d-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7798C21F86BA for <i-d-announce@ietfa.amsl.com>; Fri, 18 May 2012 08:29:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.533
X-Spam-Level:
X-Spam-Status: No, score=-102.533 tagged_above=-999 required=5 tests=[AWL=0.066, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2vy27s2f1S6n for <i-d-announce@ietfa.amsl.com>; Fri, 18 May 2012 08:29:47 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0048421F863C for <i-d-announce@ietf.org>; Fri, 18 May 2012 08:29:47 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Subject: I-D Action: draft-oiwa-http-mutualauth-11.txt
X-Test-IDTracker: no
X-IETF-IDTracker: 4.02
Message-ID: <20120518152946.30275.84331.idtracker@ietfa.amsl.com>
Date: Fri, 18 May 2012 08:29:46 -0700
X-BeenThere: i-d-announce@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: internet-drafts@ietf.org
List-Id: Internet Draft Announcements only <i-d-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/i-d-announce>
List-Post: <mailto:i-d-announce@ietf.org>
List-Help: <mailto:i-d-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 May 2012 15:29:47 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Mutual Authentication Protocol for HTTP
Author(s) : Yutaka Oiwa
Hajime Watanabe
Hiromitsu Takagi
Boku Kihara
Tatsuya Hayashi
Yuichi Ioku
Filename : draft-oiwa-http-mutualauth-11.txt
Pages : 53
Date : 2012-05-18
This document specifies a mutual authentication method for the Hyper-
text Transport Protocol (HTTP). This method provides a true mutual
authentication between an HTTP client and an HTTP server using
password-based authentication. Unlike the Basic and Digest
authentication methods, the Mutual authentication method specified in
this document assures the user that the server truly knows the user's
encrypted password. This prevents common phishing attacks: a
phishing attacker controlling a fake website cannot convince a user
that he authenticated to the genuine website. Furthermore, even when
a user authenticates to an illegitimate server, the server cannot
gain any information about the user's password. The Mutual
authentication method is designed as an extension to the HTTP
protocol, and is intended to replace the existing authentication
methods used in HTTP (the Basic method, Digest method, and
authentication using HTML forms).
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-oiwa-http-mutualauth-11.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-oiwa-http-mutualauth-11.txt
The IETF datatracker page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-oiwa-http-mutualauth/
- I-D Action: draft-oiwa-http-mutualauth-11.txt internet-drafts