[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Search IETF archive

I-D Action: draft-farrell-httpbis-hoba-01.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : HTTP Origin-Bound Authentication (HOBA)
	Author(s)       : Stephen Farrell
                          Paul Hoffman
	Filename        : draft-farrell-httpbis-hoba-01.txt
	Pages           : 11
	Date            : 2012-07-16

   HTTP Origin-Bound Authentication (HOBA) is an HTTP authentication
   method with credentials that are not vulnerable to simple phishing
   attacks, and that does not require a server-side password database.
   It is an alternative to HTTP authentication that requires passwords
   and all the negative attributes that come with password-based
   systems.  HOBA can be integrated with account management and other
   applications running over HTTP and supports portability, so a user
   can associate more than one device or origin-bound certificate with
   the same service.  HOBA has many other useful features such as a
   mechanism to handle state-loss if one of a user's credentials is lost
   and a logout mechanism.

The IETF datatracker status page for this draft is:

There's also a htmlized version available at:

A diff from previous version is available at:

Internet-Drafts are also available by anonymous FTP at:

I-D-Announce mailing list
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

[IETF]     [IETF Discussion]     [Linux Kernel]