source: draft-ietf-httpbis-authscheme-registrations/10/draft-ietf-httpbis-authscheme-registrations-10.xml

Last change on this file was 2623, checked in by julian.reschke@…, 9 years ago

(add missing files)
  • Property svn:executable set to *
  • Property svn:mime-type set to text/xml
File size: 8.6 KB
Line 
1<?xml version="1.0" encoding="UTF-8"?>
2<!--
3    This XML document is the output of clean-for-DTD.xslt; a tool that strips
4    extensions to RFC2629(bis) from documents for processing with xml2rfc.
5-->
6<?xml-stylesheet type='text/xsl' href='../../draft-ietf-httpbis/myxml2rfc.xslt'?>
7<?rfc toc="yes"?>
8<?rfc symrefs="yes"?>
9<?rfc sortrefs="yes"?>
10<?rfc compact="yes"?>
11<?rfc comments="yes"?>
12<?rfc inline="yes"?>
13<?rfc subcompact="no"?>
14<?rfc rfcedstyle="yes"?>
15<!DOCTYPE rfc
16  PUBLIC "" "rfc2629.dtd">
17<rfc ipr="trust200902" docName="draft-ietf-httpbis-authscheme-registrations-10" category="info">
18
19        <front>
20  <title abbrev="HTTP Authentication Scheme Registrations">Initial Hypertext Transfer Protocol (HTTP)
21  Authentication Scheme Registrations</title>
22
23  <author initials="J. F." surname="Reschke" fullname="Julian F. Reschke">
24    <organization abbrev="greenbytes">greenbytes GmbH</organization>
25    <address>
26      <postal>
27        <street>Hafenweg 16</street>
28        <city>Muenster</city><region>NW</region><code>48155</code>
29        <country>Germany</country>
30      </postal>
31      <email>julian.reschke@greenbytes.de</email>       
32      <uri>http://greenbytes.de/tech/webdav/</uri>     
33    </address>
34  </author>
35
36  <date month="February" year="2014" day="6"/>
37
38  <area>Applications</area>
39  <workgroup>HTTPbis Working Group</workgroup>
40 
41  <abstract>
42  <t>
43    This document registers Hypertext Transfer Protocol (HTTP)
44    authentication schemes which have been defined in RFCs
45    before the IANA HTTP Authentication Scheme Registry was established.
46  </t>
47  </abstract>
48 
49  <note title="Editorial Note (To be removed by RFC Editor)">
50    <t>
51      Discussion of this draft takes place on the HTTPBIS working group
52      mailing list (ietf-http-wg@w3.org), which is archived at
53      <eref target="http://lists.w3.org/Archives/Public/ietf-http-wg/"/>.
54    </t>
55    <t>
56      The current issues list is at
57      <eref target="http://trac.tools.ietf.org/wg/httpbis/trac/query?component=authscheme-registrations"/> and related
58      documents (including fancy diffs) can be found at
59      <eref target="http://tools.ietf.org/wg/httpbis/"/>.
60    </t>
61    <t>
62      The changes in this draft are summarized in <xref target="changes.since.09"/>.
63    </t>
64  </note>
65
66  </front>
67
68  <middle>
69
70<section title="Introduction" anchor="introduction">
71  <t>
72    This document registers Hypertext Transfer Protocol (HTTP)
73    authentication schemes which have been defined in RFCs
74    before the IANA HTTP Authentication Scheme Registry was established.
75  </t>
76</section> 
77 
78<section title="Security Considerations" anchor="security.considerations">
79  <t>
80    There are no security considerations related to the registration itself.
81  </t>
82  <t>
83    Security considerations applicable to the individual authentication schemes
84    ought to be discussed in the specifications that define them.
85  </t>
86</section> 
87
88<section title="IANA Considerations" anchor="iana.considerations">
89<t>
90  The table below provides registrations of HTTP authentication schemes to be
91  added to the IANA HTTP Authentication Scheme registry
92  at <eref target="http://www.iana.org/assignments/http-authschemes"/>
93  (see Section 5.1 of <xref target="draft-ietf-httpbis-p7-auth"/>).
94</t>
95<texttable align="left">
96
97<ttcol>Authentication Scheme Name</ttcol>
98<ttcol>Reference</ttcol>
99<ttcol>Notes</ttcol>
100
101<c>Basic</c><c><xref target="RFC2617"/>, Section 2</c><c/>
102<c>Bearer</c><c><xref target="RFC6750"/></c><c/>
103
104<c>Digest</c><c><xref target="RFC2617"/>, Section 3</c><c/>
105
106<c>Negotiate</c><c><xref target="RFC4559"/>, Section 3</c>
107<c>This authentication scheme violates both HTTP semantics (being connection-oriented)
108and syntax (use of syntax incompatible with the WWW-Authenticate and Authorization header field
109syntax).</c>
110
111<c>OAuth</c><c><xref target="RFC5849"/>, Section 3.5.1</c><c/>
112
113</texttable>
114</section> 
115  </middle>
116  <back>
117 
118<references title="Normative References">
119
120<reference anchor="draft-ietf-httpbis-p7-auth">
121  <front>
122    <title>Hypertext Transfer Protocol (HTTP/1.1): Authentication</title>
123    <author initials="R." surname="Fielding" fullname="Roy T. Fielding" role="editor">
124      <organization abbrev="Adobe">Adobe Systems Incorporated</organization>
125      <address><email>fielding@gbiv.com</email></address>
126    </author>
127    <author initials="J. F." surname="Reschke" fullname="Julian F. Reschke" role="editor">
128      <organization abbrev="greenbytes">greenbytes GmbH</organization>
129      <address><email>julian.reschke@greenbytes.de</email></address>
130    </author>
131    <date month="February" year="2014"/>
132  </front>
133  <seriesInfo name="Internet-Draft" value="draft-ietf-httpbis-p7-auth-26"/>
134 
135</reference>
136
137<reference anchor="RFC2617">
138  <front>
139    <title abbrev="HTTP Authentication">HTTP Authentication: Basic and Digest Access Authentication</title>
140    <author initials="J." surname="Franks" fullname="John Franks">
141      <organization>Northwestern University, Department of Mathematics</organization>
142      <address><email>john@math.nwu.edu</email></address>
143    </author>
144    <author initials="P.M." surname="Hallam-Baker" fullname="Phillip M. Hallam-Baker">
145      <organization>Verisign Inc.</organization>
146      <address><email>pbaker@verisign.com</email></address>
147    </author>
148    <author initials="J.L." surname="Hostetler" fullname="Jeffery L. Hostetler">
149      <organization>AbiSource, Inc.</organization>
150      <address><email>jeff@AbiSource.com</email></address>
151    </author>
152    <author initials="S.D." surname="Lawrence" fullname="Scott D. Lawrence">
153      <organization>Agranat Systems, Inc.</organization>
154      <address><email>lawrence@agranat.com</email></address>
155    </author>
156    <author initials="P.J." surname="Leach" fullname="Paul J. Leach">
157      <organization>Microsoft Corporation</organization>
158      <address><email>paulle@microsoft.com</email></address>
159    </author>
160    <author initials="A." surname="Luotonen" fullname="Ari Luotonen">
161      <organization>Netscape Communications Corporation</organization>
162    </author>
163    <author initials="L." surname="Stewart" fullname="Lawrence C. Stewart">
164      <organization>Open Market, Inc.</organization>
165      <address><email>stewart@OpenMarket.com</email></address>
166    </author>
167    <date month="June" year="1999"/>
168  </front>
169  <seriesInfo name="RFC" value="2617"/>
170</reference>
171
172<reference anchor="RFC4559">
173  <front>
174    <title>SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows</title>
175    <author initials="K." surname="Jaganathan" fullname="K. Jaganathan"/>
176    <author initials="L." surname="Zhu" fullname="L. Zhu"/>
177    <author initials="J." surname="Brezak" fullname="J. Brezak"/>
178    <date year="2006" month="June"/>
179  </front>
180  <seriesInfo name="RFC" value="4559"/>
181</reference>
182
183<reference anchor="RFC5849">
184  <front>
185    <title>The OAuth 1.0 Protocol</title>
186    <author initials="E." surname="Hammer-Lahav" fullname="Eran Hammer-Lahav"/>
187    <date year="2010" month="April"/>
188  </front>
189  <seriesInfo name="RFC" value="5849"/>
190</reference>
191
192<reference anchor="RFC6750">
193  <front>
194    <title>The OAuth 2.0 Authorization Framework: Bearer Token Usage</title>
195    <author initials="M." surname="Jones" fullname="Michael B. Jones"/>
196    <author initials="D." surname="Hardt" fullname="Dick Hardt"/>
197    <date year="2012" month="October"/>
198  </front>
199  <seriesInfo name="RFC" value="6750"/>
200</reference>
201
202</references>
203 
204<!--<references title="Informative References">
205</references>-->
206
207<section title="Change Log (to be removed by RFC Editor before publication)" anchor="change.log">
208<t>
209  Changes up to the IETF Last Call draft are summarized in <eref target="http://trac.tools.ietf.org/html/draft-ietf-httpbis-authscheme-registrations-08#appendix-B"/>.
210</t>
211<section title="Since draft-ietf-httpbis-authscheme-registrations-08" anchor="changes.since.08">
212<t>
213  Closed issues:
214  <list style="symbols">
215    <t>
216      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/514"/>:
217      "registration tables should be inside IANA considerations"
218    </t>
219  </list>
220</t>
221<t>
222  Clarified the IANA action to say "add".
223</t>
224<t>
225  Updated httpbis reference.
226</t>
227</section>
228
229<section title="Since draft-ietf-httpbis-authscheme-registrations-09" anchor="changes.since.09">
230<t>
231  Closed issues:
232  <list style="symbols">
233    <t>
234      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/530"/>:
235      "draft-ietf-httpbis-authscheme-registrations-09"
236    </t>
237  </list>
238</t>
239<t>
240  Updated httpbis reference.
241</t>
242</section>
243</section>
244
245  </back>
246
247</rfc>
Note: See TracBrowser for help on using the repository browser.