A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : RESTful Hypertext Transfer Protocol Application-Layer Authentication Using Generic Security Services Author(s) : Nicolas Williams Filename : draft-williams-rest-gss-02.txt Pages : 23 Date : 2012-07-15 Abstract: This document describes an application-layer authentication protocol in Hypertext Transfer Protocol (HTTP) applications using Generic Security Services Application Programming Interface (GSS-API) mechanisms. The GSS-API is used, for simplicity, via the Simple Authentication and Security Layers (SASL) mechanism bridge known as "GS2". This approach to authentication allows for simplicity, pluggability, mutual authentication, and channel binding, all with no changes to any vbe ersion of HTTP nor the Transport Layer Security (TLS). Although this is an application-layer protocol, we hope that it will be implemented in HTTP stacks for ease of use. That is, this protocol should be implemented at the HTTP application programming interface (API) layer wherever possible even though it is an application-layer protocol. We hope that the use of authentication at the application layer will make REST-GSS deployable. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-williams-rest-gss There's also a htmlized version available at: http://tools.ietf.org/html/draft-williams-rest-gss-02 A diff from previous version is available at: http://tools.ietf.org/rfcdiff?url2=draft-williams-rest-gss-02 Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ _______________________________________________ I-D-Announce mailing list I-D-Announce@ietf.org https://www.ietf.org/mailman/listinfo/i-d-announce Internet-Draft directories: http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
