Changeset 21


Ignore:
Timestamp:
11/09/13 16:16:24 (8 years ago)
Author:
julian.reschke@…
Message:

boilerplate, introduction, IANA, acknowledgements

Location:
draft-ietf-httpauth-basicauth-update/latest
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpauth-basicauth-update/latest/draft-ietf-httpauth-basicauth-update.html

    r20 r21  
    449449      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpauth-basicauth-update-latest">
    450450      <meta name="dct.issued" scheme="ISO8601" content="2013-09-11">
    451       <meta name="dct.abstract" content="TBD">
    452       <meta name="description" content="TBD">
     451      <meta name="dct.abstract" content="This document defines the &#34;Basic&#34; Hypertext Transfer Protocol (HTTP) Authentication Scheme.">
     452      <meta name="description" content="This document defines the &#34;Basic&#34; Hypertext Transfer Protocol (HTTP) Authentication Scheme.">
    453453   </head>
    454454   <body onload="init();">
     
    480480      <p class="title">The 'Basic' HTTP Authentication Scheme<br><span class="filename">draft-ietf-httpauth-basicauth-update-latest</span></p>
    481481      <h1 id="rfc.abstract"><a href="#rfc.abstract">Abstract</a></h1>
    482       <p><span class="comment" id="rfc.comment.1">[<a href="#rfc.comment.1" class="smpl">rfc.comment.1</a>: TBD]</span>
    483       </p>
     482      <p>This document defines the "Basic" Hypertext Transfer Protocol (HTTP) Authentication Scheme.</p>
    484483      <h1 id="rfc.note.1"><a href="#rfc.note.1">Editorial Note (To be removed by RFC Editor before publication)</a></h1>
    485484      <p>Discussion of this draft takes place on the HTTPAuth working group mailing list (http-auth@ietf.org), which is archived at &lt;<a href="http://www.ietf.org/mail-archive/web/http-auth/current/maillist.html">http://www.ietf.org/mail-archive/web/http-auth/current/maillist.html</a>&gt;.
     
    503502         text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified
    504503         BSD License.
     504      </p>
     505      <p>This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November
     506         10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to
     507         allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s)
     508         controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative
     509         works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate
     510         it into languages other than English.
    505511      </p>
    506512      <hr class="noprint">
     
    559565      </table>
    560566      <h1 id="rfc.section.1" class="np"><a href="#rfc.section.1">1.</a>&nbsp;<a id="introduction" href="#introduction">Introduction</a></h1>
    561       <p id="rfc.section.1.p.1"><span class="comment" id="rfc.comment.2">[<a href="#rfc.comment.2" class="smpl">rfc.comment.2</a>: TBD]</span>
     567      <p id="rfc.section.1.p.1">This document defines the "Basic" Hypertext Transfer Protocol (HTTP) Authentication Scheme (<a href="#draft-ietf-httpbis-p7-auth"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Authentication">[draft-ietf-httpbis-p7-auth]</cite></a>). This scheme is not considered to be a secure method of user authentication unless used in conjunction with some external
     568         secure system such as TLS (Transport Layer Security, <a href="#RFC5246"><cite title="The Transport Layer Security (TLS) Protocol Version 1.2">[RFC5246]</cite></a>), as the user name and password are passed over the network as cleartext.
     569      </p>
     570      <p id="rfc.section.1.p.2">The "Basic" scheme previously was defined in <a href="http://tools.ietf.org/html/rfc2617#section-2">Section 2</a> of <a href="#RFC2617"><cite title="HTTP Authentication: Basic and Digest Access Authentication">[RFC2617]</cite></a>. This document updates the definition, and also addresses internationalization issues.
     571      </p>
     572      <p id="rfc.section.1.p.3">Other documents updating RFC 2617 are "Hypertext Transfer Protocol (HTTP/1.1): Authentication" (<a href="#draft-ietf-httpbis-p7-auth"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Authentication">[draft-ietf-httpbis-p7-auth]</cite></a>, defining the authentication framework) and "HTTP Digest Update" (<a href="#draft-ietf-httpauth-digest-update"><cite title="HTTP Digest Update">[draft-ietf-httpauth-digest-update]</cite></a>, updating the definition of the '"Digest" authentication scheme).
    562573      </p>
    563574      <h1 id="rfc.section.2"><a href="#rfc.section.2">2.</a>&nbsp;Notational Conventions
     
    567578      </p>
    568579      <h1 id="rfc.section.3"><a href="#rfc.section.3">3.</a>&nbsp;<a id="basic.authentication.scheme" href="#basic.authentication.scheme">The 'Basic' Authentication Scheme</a></h1>
    569       <p id="rfc.section.3.p.1"><span class="comment" id="rfc.comment.3">[<a href="#rfc.comment.3" class="smpl">rfc.comment.3</a>: Copy from RFC 2617.]</span>
     580      <p id="rfc.section.3.p.1"><span class="comment" id="rfc.comment.1">[<a href="#rfc.comment.1" class="smpl">rfc.comment.1</a>: Copy from RFC 2617.]</span>
    570581      </p>
    571582      <h1 id="rfc.section.4"><a href="#rfc.section.4">4.</a>&nbsp;<a id="security.considerations" href="#security.considerations">Security Considerations</a></h1>
    572       <p id="rfc.section.4.p.1"><span class="comment" id="rfc.comment.4">[<a href="#rfc.comment.4" class="smpl">rfc.comment.4</a>: Copy rom RFC 2617 and augment.]</span>
     583      <p id="rfc.section.4.p.1"><span class="comment" id="rfc.comment.2">[<a href="#rfc.comment.2" class="smpl">rfc.comment.2</a>: Copy from RFC 2617 and augment.]</span>
    573584      </p>
    574585      <h1 id="rfc.section.5"><a href="#rfc.section.5">5.</a>&nbsp;<a id="iana.considerations" href="#iana.considerations">IANA Considerations</a></h1>
    575       <p id="rfc.section.5.p.1"><span class="comment" id="rfc.comment.5">[<a href="#rfc.comment.5" class="smpl">rfc.comment.5</a>: Register the scheme.]</span>
    576       </p>
     586      <p id="rfc.section.5.p.1">IANA maintains the registry of HTTP Authentication Schemes (<a href="#draft-ietf-httpbis-p7-auth"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Authentication">[draft-ietf-httpbis-p7-auth]</cite></a>) at &lt;<a href="http://www.iana.org/assignments/http-authschemes">http://www.iana.org/assignments/http-authschemes</a>&gt;.
     587      </p>
     588      <p id="rfc.section.5.p.2">The entry for the "Basic" Authentication Scheme shall be updated with a pointer to this specification.</p>
    577589      <h1 id="rfc.section.6"><a href="#rfc.section.6">6.</a>&nbsp;Acknowledgements
    578590      </h1>
    579       <p id="rfc.section.6.p.1"><span class="comment" id="rfc.comment.6">[<a href="#rfc.comment.6" class="smpl">rfc.comment.6</a>: Ack RFC 2617 authors and new contributors from HTTPAuth.]</span>
     591      <p id="rfc.section.6.p.1">This specification takes over the definition of the "Basic" HTTP Authentication Scheme, previously defined in RFC 2617. We
     592         thank John Franks, Phillip M. Hallam-Baker, Jeffery L. Hostetler, Scott D. Lawrence, Paul J. Leach, Ari Luotonen, and Lawrence
     593         C. Stewart for their work on that specification. See <a href="http://tools.ietf.org/html/rfc2617#section-6">Section 6</a> of <a href="#RFC2617"><cite title="HTTP Authentication: Basic and Digest Access Authentication">[RFC2617]</cite></a> for further acknowledgements.
    580594      </p>
    581595      <h1 id="rfc.references"><a id="rfc.section.7" href="#rfc.section.7">7.</a> References
     
    586600         <tr>
    587601            <td class="reference"><b id="RFC2119">[RFC2119]</b></td>
    588             <td class="top"><a href="mailto:sob@harvard.edu" title="Harvard University">Bradner, S.</a>, “<a href="http://tools.ietf.org/html/rfc2119">Key words for use in RFCs to Indicate Requirement Levels</a>”, BCP&nbsp;14, RFC&nbsp;2119, March&nbsp;1997.
     602            <td class="top">Bradner, S., “<a href="http://tools.ietf.org/html/rfc2119">Key words for use in RFCs to Indicate Requirement Levels</a>”, BCP&nbsp;14, RFC&nbsp;2119, March&nbsp;1997.
    589603            </td>
    590604         </tr>
    591605         <tr>
    592606            <td class="reference"><b id="draft-ietf-httpbis-p7-auth">[draft-ietf-httpbis-p7-auth]</b></td>
    593             <td class="top"><a href="mailto:fielding@gbiv.com" title="Adobe Systems Incorporated">Fielding, R., Ed.</a> and <a href="mailto:julian.reschke@greenbytes.de" title="greenbytes GmbH">J. Reschke, Ed.</a>, “<a href="http://tools.ietf.org/html/draft-ietf-httpbis-p7-auth-23">Hypertext Transfer Protocol (HTTP/1.1): Authentication</a>”, Internet-Draft&nbsp;draft-ietf-httpbis-p7-auth-23 (work in progress), July&nbsp;2013.
     607            <td class="top">Fielding, R., Ed. and J. Reschke, Ed., “<a href="http://tools.ietf.org/html/draft-ietf-httpbis-p7-auth-23">Hypertext Transfer Protocol (HTTP/1.1): Authentication</a>”, Internet-Draft&nbsp;draft-ietf-httpbis-p7-auth-23 (work in progress), July&nbsp;2013.
    594608            </td>
    595609         </tr>
     
    603617            </td>
    604618         </tr>
     619         <tr>
     620            <td class="reference"><b id="RFC5246">[RFC5246]</b></td>
     621            <td class="top">Dierks, T. and E. Rescorla, “<a href="http://tools.ietf.org/html/rfc5246">The Transport Layer Security (TLS) Protocol Version 1.2</a>”, RFC&nbsp;5246, August&nbsp;2008.
     622            </td>
     623         </tr>
     624         <tr>
     625            <td class="reference"><b id="draft-ietf-httpauth-digest-update">[draft-ietf-httpauth-digest-update]</b></td>
     626            <td class="top">Shekh-Yusef, R. and D. Ahrens, “<a href="http://tools.ietf.org/html/draft-ietf-httpauth-digest-update-05">HTTP Digest Update</a>”, Internet-Draft&nbsp;draft-ietf-httpauth-digest-update-05 (work in progress), September&nbsp;2013.
     627            </td>
     628         </tr>
    605629      </table>
    606630      <div class="avoidbreak">
  • draft-ietf-httpauth-basicauth-update/latest/draft-ietf-httpauth-basicauth-update.xml

    r20 r21  
    2424]>
    2525
    26 <rfc xmlns:x="http://purl.org/net/xml2rfc/ext" xmlns:ed="http://greenbytes.de/2002/rfcedit" ipr="trust200902" docName="draft-ietf-httpauth-basicauth-update-latest" category="std" xml:lang="en" updates="2617" x:maturity-level="proposed">
     26<rfc xmlns:x="http://purl.org/net/xml2rfc/ext" xmlns:ed="http://greenbytes.de/2002/rfcedit" ipr="pre5378Trust200902" docName="draft-ietf-httpauth-basicauth-update-latest" category="std" xml:lang="en" updates="2617" x:maturity-level="proposed">
    2727
    2828  <x:feedback template="mailto:http-auth@ietf.org?subject={docname},%20%22{section}%22&amp;body=&lt;{ref}&gt;:"/>
     
    5050  <abstract>
    5151    <t>
    52       <cref>TBD</cref>
     52      This document defines the "Basic" Hypertext Transfer Protocol (HTTP)
     53      Authentication Scheme.
    5354    </t>
    5455  </abstract>
     
    8182<section title="Introduction" anchor="introduction">
    8283<t>
    83   <cref>TBD</cref>
     84  This document defines the "Basic" Hypertext Transfer Protocol (HTTP)
     85  Authentication Scheme (<xref target="draft-ietf-httpbis-p7-auth"/>).
     86  This scheme is not considered to be a secure method of user authentication
     87  unless used in conjunction with some external secure system such as TLS
     88  (Transport Layer Security, <xref target="RFC5246"/>), as the user name and
     89  password are passed over the network as cleartext.
     90</t>
     91<t>
     92  The "Basic" scheme previously was defined in <xref target="RFC2617" x:fmt="of" x:sec="2"/>.
     93  This document updates the definition, and also addresses internationalization issues.
     94</t>
     95<t>
     96  Other documents updating RFC 2617 are "Hypertext Transfer Protocol (HTTP/1.1): Authentication"
     97  (<xref target="draft-ietf-httpbis-p7-auth"/>, defining the authentication framework) and
     98  "HTTP Digest Update" (<xref target="draft-ietf-httpauth-digest-update"/>,
     99  updating the definition of the '"Digest" authentication scheme).
    84100</t>
    85101</section> 
     
    102118<section title="Security Considerations" anchor="security.considerations">
    103119<t>
    104   <cref>Copy rom RFC 2617 and augment.</cref>
     120  <cref>Copy from RFC 2617 and augment.</cref>
    105121</t>
    106122</section> 
     
    108124<section title="IANA Considerations" anchor="iana.considerations">
    109125<t>
    110   <cref>Register the scheme.</cref>
     126  IANA maintains the registry of HTTP Authentication Schemes (<xref target="draft-ietf-httpbis-p7-auth"/>)
     127  at <eref target="http://www.iana.org/assignments/http-authschemes"/>.
     128</t>
     129<t>
     130  The entry for the "Basic" Authentication Scheme shall be updated with a pointer
     131  to this specification. 
    111132</t>
    112133</section> 
     
    114135<section title="Acknowledgements">
    115136<t>
    116   <cref>Ack RFC 2617 authors and new contributors from HTTPAuth.</cref>
     137  This specification takes over the definition of the "Basic" HTTP Authentication
     138  Scheme, previously defined in RFC 2617. We thank John Franks,
     139  Phillip M. Hallam-Baker, Jeffery L. Hostetler, Scott D. Lawrence,
     140  Paul J. Leach, Ari Luotonen, and Lawrence C. Stewart for their work on
     141  that specification. See <xref target="RFC2617" x:fmt="of" x:sec="6"/> for
     142  further acknowledgements.
    117143</t>
    118144</section> 
     
    125151    <front>
    126152      <title abbrev="RFC Key Words">Key words for use in RFCs to Indicate Requirement Levels</title>
    127       <author initials="S." surname="Bradner" fullname="Scott Bradner">
    128         <organization>Harvard University</organization>
    129         <address><email>sob@harvard.edu</email></address>
    130       </author>
     153      <author initials="S." surname="Bradner" fullname="Scott Bradner"/>
    131154      <date month="March" year="1997"/>
    132155    </front>
     
    138161    <front>
    139162      <title>Hypertext Transfer Protocol (HTTP/1.1): Authentication</title>
    140       <author fullname="Roy T. Fielding" initials="R." role="editor" surname="Fielding">
    141         <organization abbrev="Adobe">Adobe Systems Incorporated</organization>
    142         <address><email>fielding@gbiv.com</email></address>
    143       </author>
    144       <author fullname="Julian F. Reschke" initials="J. F." role="editor" surname="Reschke">
    145         <organization abbrev="greenbytes">greenbytes GmbH</organization>
    146         <address><email>julian.reschke@greenbytes.de</email></address>
    147       </author>
     163      <author fullname="Roy T. Fielding" initials="R." role="editor" surname="Fielding"/>
     164      <author fullname="Julian F. Reschke" initials="J. F." role="editor" surname="Reschke"/>
    148165      <date month="July" year="2013"/>
    149166    </front>
     
    170187  </reference>
    171188
     189  <reference anchor="RFC5246">
     190     <front>
     191        <title>The Transport Layer Security (TLS) Protocol Version 1.2</title>
     192        <author initials="T." surname="Dierks" fullname="T. Dierks"/>
     193        <author initials="E." surname="Rescorla" fullname="E. Rescorla"/>
     194        <date year="2008" month="August" />
     195     </front>
     196     <seriesInfo name="RFC" value="5246" />
     197  </reference>
     198
     199  <reference anchor="draft-ietf-httpauth-digest-update">
     200    <front>
     201      <title>HTTP Digest Update</title>
     202      <author initials="R." surname="Shekh-Yusef" fullname="Rifaat Shekh-Yusef"/>
     203      <author initials="D." surname="Ahrens" fullname="David Ahrens"/>
     204      <date month="September" day="2" year="2013"/>
     205    </front>
     206    <seriesInfo name="Internet-Draft" value="draft-ietf-httpauth-digest-update-05"/>
     207  </reference>
     208
    172209</references>
    173210  </back>
Note: See TracChangeset for help on using the changeset viewer.