Context Navigation

source: draft-ietf-httpbis-authscheme-registrations/02/draft-ietf-httpbis-authscheme-registrations.html @ 1695

Last change on this file since 1695 was 1407, checked in by julian.reschke@…, 12 years ago
prepare publication of -02 on Aug 24 (missing files)
File size: 19.1 KB

Line
1	<!DOCTYPE html
2	PUBLIC "-//W3C//DTD HTML 4.01//EN">
3	<html lang="en">
4	<head profile="http://www.w3.org/2006/03/hcard http://dublincore.org/documents/2008/08/04/dc-html/">
5	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
6	<title>Initial Hypertext Transfer Protocol (HTTP)
7	Authentication Scheme Registrations
8	</title><style type="text/css" title="Xml2Rfc (sans serif)">
9	a {
10	text-decoration: none;
11	}
12	a.smpl {
13	color: black;
14	}
15	a:hover {
16	text-decoration: underline;
17	}
18	a:active {
19	text-decoration: underline;
20	}
21	address {
22	margin-top: 1em;
23	margin-left: 2em;
24	font-style: normal;
25	}
26	body {
27	color: black;
28	font-family: verdana, helvetica, arial, sans-serif;
29	font-size: 10pt;
30	}
31	cite {
32	font-style: normal;
33	}
34	dd {
35	margin-right: 2em;
36	}
37	dl {
38	margin-left: 2em;
39	}
40
41	ul.empty {
42	list-style-type: none;
43	}
44	ul.empty li {
45	margin-top: .5em;
46	}
47	dl p {
48	margin-left: 0em;
49	}
50	dt {
51	margin-top: .5em;
52	}
53	h1 {
54	font-size: 14pt;
55	line-height: 21pt;
56	page-break-after: avoid;
57	}
58	h1.np {
59	page-break-before: always;
60	}
61	h1 a {
62	color: #333333;
63	}
64	h2 {
65	font-size: 12pt;
66	line-height: 15pt;
67	page-break-after: avoid;
68	}
69	h3, h4, h5, h6 {
70	font-size: 10pt;
71	page-break-after: avoid;
72	}
73	h2 a, h3 a, h4 a, h5 a, h6 a {
74	color: black;
75	}
76	img {
77	margin-left: 3em;
78	}
79	li {
80	margin-left: 2em;
81	margin-right: 2em;
82	}
83	ol {
84	margin-left: 2em;
85	margin-right: 2em;
86	}
87	ol.la {
88	list-style-type: lower-alpha;
89	}
90	ol.ua {
91	list-style-type: upper-alpha;
92	}
93	ol p {
94	margin-left: 0em;
95	}
96	p {
97	margin-left: 2em;
98	margin-right: 2em;
99	}
100	pre {
101	margin-left: 3em;
102	background-color: lightyellow;
103	padding: .25em;
104	}
105	pre.text2 {
106	border-style: dotted;
107	border-width: 1px;
108	background-color: #f0f0f0;
109	width: 69em;
110	}
111	pre.inline {
112	background-color: white;
113	padding: 0em;
114	}
115	pre.text {
116	border-style: dotted;
117	border-width: 1px;
118	background-color: #f8f8f8;
119	width: 69em;
120	}
121	pre.drawing {
122	border-style: solid;
123	border-width: 1px;
124	background-color: #f8f8f8;
125	padding: 2em;
126	}
127	table {
128	margin-left: 2em;
129	}
130	table.tt {
131	vertical-align: top;
132	}
133	table.full {
134	border-style: outset;
135	border-width: 1px;
136	}
137	table.headers {
138	border-style: outset;
139	border-width: 1px;
140	}
141	table.tt td {
142	vertical-align: top;
143	}
144	table.full td {
145	border-style: inset;
146	border-width: 1px;
147	}
148	table.tt th {
149	vertical-align: top;
150	}
151	table.full th {
152	border-style: inset;
153	border-width: 1px;
154	}
155	table.headers th {
156	border-style: none none inset none;
157	border-width: 1px;
158	}
159	table.left {
160	margin-right: auto;
161	}
162	table.right {
163	margin-left: auto;
164	}
165	table.center {
166	margin-left: auto;
167	margin-right: auto;
168	}
169	caption {
170	caption-side: bottom;
171	font-weight: bold;
172	font-size: 9pt;
173	margin-top: .5em;
174	}
175
176	table.header {
177	border-spacing: 1px;
178	width: 95%;
179	font-size: 10pt;
180	color: white;
181	}
182	td.top {
183	vertical-align: top;
184	}
185	td.topnowrap {
186	vertical-align: top;
187	white-space: nowrap;
188	}
189	table.header td {
190	background-color: gray;
191	width: 50%;
192	}
193	td.reference {
194	vertical-align: top;
195	white-space: nowrap;
196	padding-right: 1em;
197	}
198	thead {
199	display:table-header-group;
200	}
201	ul.toc, ul.toc ul {
202	list-style: none;
203	margin-left: 1.5em;
204	margin-right: 0em;
205	padding-left: 0em;
206	}
207	ul.toc li {
208	line-height: 150%;
209	font-weight: bold;
210	font-size: 10pt;
211	margin-left: 0em;
212	margin-right: 0em;
213	}
214	ul.toc li li {
215	line-height: normal;
216	font-weight: normal;
217	font-size: 9pt;
218	margin-left: 0em;
219	margin-right: 0em;
220	}
221	li.excluded {
222	font-size: 0pt;
223	}
224	ul p {
225	margin-left: 0em;
226	}
227
228	.comment {
229	background-color: yellow;
230	}
231	.center {
232	text-align: center;
233	}
234	.error {
235	color: red;
236	font-style: italic;
237	font-weight: bold;
238	}
239	.figure {
240	font-weight: bold;
241	text-align: center;
242	font-size: 9pt;
243	}
244	.filename {
245	color: #333333;
246	font-weight: bold;
247	font-size: 12pt;
248	line-height: 21pt;
249	text-align: center;
250	}
251	.fn {
252	font-weight: bold;
253	}
254	.hidden {
255	display: none;
256	}
257	.left {
258	text-align: left;
259	}
260	.right {
261	text-align: right;
262	}
263	.title {
264	color: #990000;
265	font-size: 18pt;
266	line-height: 18pt;
267	font-weight: bold;
268	text-align: center;
269	margin-top: 36pt;
270	}
271	.vcardline {
272	display: block;
273	}
274	.warning {
275	font-size: 14pt;
276	background-color: yellow;
277	}
278
279
280	@media print {
281	.noprint {
282	display: none;
283	}
284
285	a {
286	color: black;
287	text-decoration: none;
288	}
289
290	table.header {
291	width: 90%;
292	}
293
294	td.header {
295	width: 50%;
296	color: black;
297	background-color: white;
298	vertical-align: top;
299	font-size: 12pt;
300	}
301
302	ul.toc a::after {
303	content: leader('.') target-counter(attr(href), page);
304	}
305
306	ul.ind li li a {
307	content: target-counter(attr(href), page);
308	}
309
310	.print2col {
311	column-count: 2;
312	-moz-column-count: 2;
313	column-fill: auto;
314	}
315	}
316
317	@page {
318	@top-left {
319	content: "Internet-Draft";
320	}
321	@top-right {
322	content: "August 2011";
323	}
324	@top-center {
325	content: "HTTP Authentication Scheme Registrations";
326	}
327	@bottom-left {
328	content: "Reschke";
329	}
330	@bottom-center {
331	content: "Expires February 25, 2012";
332	}
333	@bottom-right {
334	content: "[Page " counter(page) "]";
335	}
336	}
337
338	@page:first {
339	@top-left {
340	content: normal;
341	}
342	@top-right {
343	content: normal;
344	}
345	@top-center {
346	content: normal;
347	}
348	}
349	</style><link rel="Contents" href="#rfc.toc">
350	<link rel="Author" href="#rfc.authors">
351	<link rel="Copyright" href="#rfc.copyrightnotice">
352	<link rel="Chapter" title="1 Introduction" href="#rfc.section.1">
353	<link rel="Chapter" title="2 Security Considerations" href="#rfc.section.2">
354	<link rel="Chapter" title="3 IANA Considerations" href="#rfc.section.3">
355	<link rel="Chapter" href="#rfc.section.4" title="4 Normative References">
356	<link rel="Appendix" title="A Initial Registry Contents" href="#rfc.section.A">
357	<link rel="Appendix" title="B Change Log (to be removed by RFC Editor before publication)" href="#rfc.section.B">
358	<meta name="generator" content="http://greenbytes.de/tech/webdav/rfc2629.xslt, Revision 1.553, 2011-07-27 17:45:31, XSLT vendor: SAXON 8.9 from Saxonica http://www.saxonica.com/">
359	<link rel="schema.dct" href="http://purl.org/dc/terms/">
360	<meta name="dct.creator" content="Reschke, J. F.">
361	<meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-authscheme-registrations-02">
362	<meta name="dct.issued" scheme="ISO8601" content="2011-08-24">
363	<meta name="dct.abstract" content="This document registers Hypertext Transfer Protocol (HTTP) authentication schemes which have been defined in standards-track RFCs before the IANA HTTP Authentication Scheme Registry was established.">
364	<meta name="description" content="This document registers Hypertext Transfer Protocol (HTTP) authentication schemes which have been defined in standards-track RFCs before the IANA HTTP Authentication Scheme Registry was established.">
365	</head>
366	<body>
367	<table class="header">
368	<tbody>
369	<tr>
370	<td class="left">HTTPbis Working Group</td>
371	<td class="right">J. Reschke</td>
372	</tr>
373	<tr>
374	<td class="left">Internet-Draft</td>
375	<td class="right">greenbytes</td>
376	</tr>
377	<tr>
378	<td class="left">Intended status: Informational</td>
379	<td class="right">August 24, 2011</td>
380	</tr>
381	<tr>
382	<td class="left">Expires: February 25, 2012</td>
383	<td class="right"></td>
384	</tr>
385	</tbody>
386	</table>
387	<p class="title">Initial Hypertext Transfer Protocol (HTTP) Authentication Scheme Registrations<br><span class="filename">draft-ietf-httpbis-authscheme-registrations-02</span></p>
388	<h1 id="rfc.abstract"><a href="#rfc.abstract">Abstract</a></h1>
389	<p>This document registers Hypertext Transfer Protocol (HTTP) authentication schemes which have been defined in standards-track
390	RFCs before the IANA HTTP Authentication Scheme Registry was established.
391	</p>
392	<h1 id="rfc.note.1"><a href="#rfc.note.1">Editorial Note (To be removed by RFC Editor)</a></h1>
393	<p>Discussion of this draft should take place on the HTTPBIS working group mailing list (ietf-http-wg@w3.org), which is archived
394	at <<a href="http://lists.w3.org/Archives/Public/ietf-http-wg/">http://lists.w3.org/Archives/Public/ietf-http-wg/</a>>.
395	</p>
396	<p>The current issues list is at <<a href="http://trac.tools.ietf.org/wg/httpbis/trac/query?component=authscheme-registrations">http://trac.tools.ietf.org/wg/httpbis/trac/query?component=authscheme-registrations</a>> and related documents (including fancy diffs) can be found at <<a href="http://tools.ietf.org/wg/httpbis/">http://tools.ietf.org/wg/httpbis/</a>>.
397	</p>
398	<p>The changes in this draft are summarized in <a href="#changes.since.01" title="Since draft-ietf-httpbis-authscheme-registrations-01">Appendix B.2</a>.
399	</p>
400	<h1><a id="rfc.status" href="#rfc.status">Status of This Memo</a></h1>
401	<p>This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.</p>
402	<p>Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute
403	working documents as Internet-Drafts. The list of current Internet-Drafts is at <a href="http://datatracker.ietf.org/drafts/current/">http://datatracker.ietf.org/drafts/current/</a>.
404	</p>
405	<p>Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other
406	documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work
407	in progress”.
408	</p>
409	<p>This Internet-Draft will expire on February 25, 2012.</p>
410	<h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
411	<p>Copyright © 2011 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
412	<p>This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (<a href="http://trustee.ietf.org/license-info">http://trustee.ietf.org/license-info</a>) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights
413	and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License
414	text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified
415	BSD License.
416	</p>
417	<hr class="noprint">
418	<h1 class="np" id="rfc.toc"><a href="#rfc.toc">Table of Contents</a></h1>
419	<ul class="toc">
420	<li>1.   <a href="#introduction">Introduction</a></li>
421	<li>2.   <a href="#security.considerations">Security Considerations</a></li>
422	<li>3.   <a href="#iana.considerations">IANA Considerations</a></li>
423	<li>4.   <a href="#rfc.references">Normative References</a></li>
424	<li><a href="#rfc.authors">Author's Address</a></li>
425	<li>A.   <a href="#initial.registry.contents">Initial Registry Contents</a></li>
426	<li>B.   <a href="#change.log">Change Log (to be removed by RFC Editor before publication)</a><ul>
427	<li>B.1   <a href="#changes.since.00">Since draft-ietf-httpbis-authscheme-registrations-00</a></li>
428	<li>B.2   <a href="#changes.since.01">Since draft-ietf-httpbis-authscheme-registrations-01</a></li>
429	</ul>
430	</li>
431	</ul>
432	<h1 id="rfc.section.1" class="np"><a href="#rfc.section.1">1.</a> <a id="introduction" href="#introduction">Introduction</a></h1>
433	<p id="rfc.section.1.p.1">This document registers Hypertext Transfer Protocol (HTTP) authentication schemes which have been defined in standards-track
434	RFCs before the IANA HTTP Authentication Scheme Registry was established.
435	</p>
436	<h1 id="rfc.section.2"><a href="#rfc.section.2">2.</a> <a id="security.considerations" href="#security.considerations">Security Considerations</a></h1>
437	<p id="rfc.section.2.p.1">There are no security considerations related to the registration itself.</p>
438	<h1 id="rfc.section.3"><a href="#rfc.section.3">3.</a> <a id="iana.considerations" href="#iana.considerations">IANA Considerations</a></h1>
439	<p id="rfc.section.3.p.1"> <a href="#initial.registry.contents" title="Initial Registry Contents">Appendix A</a> provides initial registrations of HTTP authentication schemes for the IANA HTTP Authentication Scheme registry at <<a href="http://www.iana.org/assignments/http-authschemes">http://www.iana.org/assignments/http-authschemes</a>> (see <a href="draft-ietf-httpbis-p7-auth-16.html#authentication.scheme.registry" title="Authentication Scheme Registry">Section 2.3</a> of <a href="#draft-ietf-httpbis-p7-auth"><cite title="HTTP/1.1, part 7: Authentication">[draft-ietf-httpbis-p7-auth]</cite></a>).
440	</p>
441	<h1 id="rfc.references"><a href="#rfc.section.4" id="rfc.section.4">4.</a> Normative References
442	</h1>
443	<table>
444	<tr>
445	<td class="reference"><b id="RFC2617">[RFC2617]</b></td>
446	<td class="top"><a href="mailto:john@math.nwu.edu" title="Northwestern University, Department of Mathematics">Franks, J.</a>, <a href="mailto:pbaker@verisign.com" title="Verisign Inc.">Hallam-Baker, P.</a>, <a href="mailto:jeff@AbiSource.com" title="AbiSource, Inc.">Hostetler, J.</a>, <a href="mailto:lawrence@agranat.com" title="Agranat Systems, Inc.">Lawrence, S.</a>, <a href="mailto:paulle@microsoft.com" title="Microsoft Corporation">Leach, P.</a>, Luotonen, A., and <a href="mailto:stewart@OpenMarket.com" title="Open Market, Inc.">L. Stewart</a>, “<a href="http://tools.ietf.org/html/rfc2617">HTTP Authentication: Basic and Digest Access Authentication</a>”, RFC 2617, June 1999.
447	</td>
448	</tr>
449	<tr>
450	<td class="reference"><b id="RFC4559">[RFC4559]</b></td>
451	<td class="top">Jaganathan, K., Zhu, L., and J. Brezak, “<a href="http://tools.ietf.org/html/rfc4559">SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows</a>”, RFC 4559, June 2006.
452	</td>
453	</tr>
454	<tr>
455	<td class="reference"><b id="draft-ietf-httpbis-p7-auth">[draft-ietf-httpbis-p7-auth]</b></td>
456	<td class="top"><a href="mailto:fielding@gbiv.com" title="Day Software">Fielding, R., Ed.</a>, <a href="mailto:jg@freedesktop.org" title="Alcatel-Lucent Bell Labs">Gettys, J.</a>, <a href="mailto:JeffMogul@acm.org" title="Hewlett-Packard Company">Mogul, J.</a>, <a href="mailto:henrikn@microsoft.com" title="Microsoft Corporation">Frystyk, H.</a>, <a href="mailto:LMM@acm.org" title="Adobe Systems, Incorporated">Masinter, L.</a>, <a href="mailto:paulle@microsoft.com" title="Microsoft Corporation">Leach, P.</a>, <a href="mailto:timbl@w3.org" title="World Wide Web Consortium">Berners-Lee, T.</a>, <a href="mailto:ylafon@w3.org" title="World Wide Web Consortium">Lafon, Y., Ed.</a>, and <a href="mailto:julian.reschke@greenbytes.de" title="greenbytes GmbH">J. Reschke, Ed.</a>, “<a href="http://tools.ietf.org/html/draft-ietf-httpbis-p7-auth-16">HTTP/1.1, part 7: Authentication</a>”, Internet-Draft draft-ietf-httpbis-p7-auth-16 (work in progress), August 2011.
457	</td>
458	</tr>
459	</table>
460	<div class="avoidbreak">
461	<h1 id="rfc.authors"><a href="#rfc.authors">Author's Address</a></h1>
462	<address class="vcard"><span class="vcardline"><span class="fn">Julian F. Reschke</span><span class="n hidden"><span class="family-name">Reschke</span><span class="given-name">Julian F.</span></span></span><span class="org vcardline">greenbytes GmbH</span><span class="adr"><span class="street-address vcardline">Hafenweg 16</span><span class="vcardline"><span class="locality">Muenster</span>, <span class="region">NW</span> <span class="postal-code">48155</span></span><span class="country-name vcardline">Germany</span></span><span class="vcardline">Email: <a href="mailto:julian.reschke@greenbytes.de"><span class="email">julian.reschke@greenbytes.de</span></a></span><span class="vcardline">URI: <a href="http://greenbytes.de/tech/webdav/" class="url">http://greenbytes.de/tech/webdav/</a></span></address>
463	</div>
464	<h1 id="rfc.section.A" class="np"><a href="#rfc.section.A">A.</a> <a id="initial.registry.contents" href="#initial.registry.contents">Initial Registry Contents</a></h1>
465	<div id="rfc.table.u.1">
466	<table class="tt full left" cellpadding="3" cellspacing="0">
467	<thead>
468	<tr>
469	<th>Authentication Scheme Name</th>
470	<th>Reference</th>
471	<th>Notes</th>
472	</tr>
473	</thead>
474	<tbody>
475	<tr>
476	<td class="left">Basic</td>
477	<td class="left"><a href="#RFC2617"><cite title="HTTP Authentication: Basic and Digest Access Authentication">[RFC2617]</cite></a>, <a href="http://tools.ietf.org/html/rfc2617#section-2">Section 2</a></td>
478	<td class="left"></td>
479	</tr>
480	<tr>
481	<td class="left">Digest</td>
482	<td class="left"><a href="#RFC2617"><cite title="HTTP Authentication: Basic and Digest Access Authentication">[RFC2617]</cite></a>, <a href="http://tools.ietf.org/html/rfc2617#section-3">Section 3</a></td>
483	<td class="left"></td>
484	</tr>
485	<tr>
486	<td class="left">Negotiate</td>
487	<td class="left"><a href="#RFC4559"><cite title="SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows">[RFC4559]</cite></a>, <a href="http://tools.ietf.org/html/rfc4559#section-3">Section 3</a></td>
488	<td class="left">This authentication scheme violates both HTTP semantics (being connection-oriented) and syntax (use of syntax incompatible
489	with the WWW-Authenticate and Authorization header field syntax).
490	</td>
491	</tr>
492	</tbody>
493	</table>
494	</div>
495	<h1 id="rfc.section.B"><a href="#rfc.section.B">B.</a> <a id="change.log" href="#change.log">Change Log (to be removed by RFC Editor before publication)</a></h1>
496	<h2 id="rfc.section.B.1"><a href="#rfc.section.B.1">B.1</a> <a id="changes.since.00" href="#changes.since.00">Since draft-ietf-httpbis-authscheme-registrations-00</a></h2>
497	<p id="rfc.section.B.1.p.1">Update draft-ietf-httpbis-p7-auth reference.</p>
498	<h2 id="rfc.section.B.2"><a href="#rfc.section.B.2">B.2</a> <a id="changes.since.01" href="#changes.since.01">Since draft-ietf-httpbis-authscheme-registrations-01</a></h2>
499	<p id="rfc.section.B.2.p.1">Update draft-ietf-httpbis-p7-auth reference.</p>
500	<p id="rfc.section.B.2.p.2">Closed issues: </p>
501	<ul>
502	<li> <<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/308">http://tools.ietf.org/wg/httpbis/trac/ticket/308</a>>: "need to reserve 'negotiate' as auth scheme name"
503	</li>
504	</ul>
505	</body>
506	</html>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: