I-D Action: draft-oiwa-http-mutualauth-11.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : Mutual Authentication Protocol for HTTP
	Author(s)       : Yutaka Oiwa
                          Hajime Watanabe
                          Hiromitsu Takagi
                          Boku Kihara
                          Tatsuya Hayashi
                          Yuichi Ioku
	Filename        : draft-oiwa-http-mutualauth-11.txt
	Pages           : 53
	Date            : 2012-05-18

   This document specifies a mutual authentication method for the Hyper-
   text Transport Protocol (HTTP).  This method provides a true mutual
   authentication between an HTTP client and an HTTP server using
   password-based authentication.  Unlike the Basic and Digest
   authentication methods, the Mutual authentication method specified in
   this document assures the user that the server truly knows the user's
   encrypted password.  This prevents common phishing attacks: a
   phishing attacker controlling a fake website cannot convince a user
   that he authenticated to the genuine website.  Furthermore, even when
   a user authenticates to an illegitimate server, the server cannot
   gain any information about the user's password.  The Mutual
   authentication method is designed as an extension to the HTTP
   protocol, and is intended to replace the existing authentication
   methods used in HTTP (the Basic method, Digest method, and
   authentication using HTML forms).


A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-oiwa-http-mutualauth-11.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-oiwa-http-mutualauth-11.txt

The IETF datatracker page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-oiwa-http-mutualauth/

_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt


[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux