A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : RESTful Hypertext Transfer Protocol Application-Layer Authentication Using Generic Security Services Author(s) : Nicolas Williams Filename : draft-williams-rest-gss-00.txt Pages : 23 Date : 2011-06-06 This document describes a method for application-layer authentication in Hypertext Transfer Protocol (HTTP) applications using Generic Security Services Application Programming Interface (GSS-API) mechanisms via, for simplicity, the Simple Authentication and Security Layers (SASL) mechanism bridge known as "GS2". This approach to authentication allows for pluggability, mutual authentication, and channel binding, all with no changes to HTTP nor the Transport Layer Security (TLS). We hope that the use of mutual authentication and channel binding at the application layer will make phishing more difficult. We hope that the use of authentication at the application layer will make REST-GSS deployable. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-williams-rest-gss-00.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ This Internet-Draft can be retrieved at: ftp://ftp.ietf.org/internet-drafts/draft-williams-rest-gss-00.txt _______________________________________________ I-D-Announce mailing list I-D-Announce@ietf.org https://www.ietf.org/mailman/listinfo/i-d-announce Internet-Draft directories: http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
