The IESG has approved the following document: - 'Mutual Authentication Protocol for HTTP: KAM3-based Cryptographic Algorithms' (draft-ietf-httpauth-mutual-algo-07.txt) as Experimental RFC This document is the product of the Hypertext Transfer Protocol Authentication Working Group. The IESG contact persons are Stephen Farrell and Kathleen Moriarty. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-httpauth-mutual-algo/ Technical Summary This document specifies cryptographic algorithms for use with the Mutual user authentication method for the Hyper-text Transport Protocol (HTTP). Working Group Summary This document is one in a three-part set of documents describing the Mutual-Auth authentication method for HTTP. This part describes the cryptographic algorithms for use with MutualAuth. The algorithms are based on Augmented Password-based Authenticated Key Exchange (Augmented PAKE) techniques. With version -05 it is the consensus of the HTTP-Auth working group that this document is fit to be published as an experimental RFC. The document received a moderate amount of review from the working group. In addition we solicited and received a review from Melinda Shore. Document Quality There are implementations of this protocol written by the authors. They take the form of a modified web server and a fork of the Firefox browser that include this functionality. Personnel Yoav Nir is the document shepherd. Kathleen Moriarty is the responsible Area Director. IANA Note This document defines four new tokens to be added to the "HTTP Mutual authentication algorithms" registry.
