[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Search IETF archive

I-D Action: draft-williams-rest-gss-01.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : RESTful Hypertext Transfer Protocol Application-Layer Authentication Using Generic Security Services
	Author(s)       : Nicolas Williams
	Filename        : draft-williams-rest-gss-01.txt
	Pages           : 23
	Date            : 2012-06-02

   This document describes a method for application-layer authentication
   in Hypertext Transfer Protocol (HTTP) applications using Generic
   Security Services Application Programming Interface (GSS-API)
   mechanisms via, for simplicity, the Simple Authentication and
   Security Layers (SASL) mechanism bridge known as "GS2".  This
   approach to authentication allows for pluggability, mutual
   authentication, and channel binding, all with no changes to HTTP nor
   the Transport Layer Security (TLS).

   We hope that the use of mutual authentication and channel binding at
   the application layer will make phishing more difficult.  We hope
   that the use of authentication at the application layer will make
   REST-GSS deployable.

A URL for this Internet-Draft is:

Internet-Drafts are also available by anonymous FTP at:

This Internet-Draft can be retrieved at:

The IETF datatracker page for this Internet-Draft is:

I-D-Announce mailing list
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

[IETF]     [IETF Discussion]     [Linux Kernel]