source: draft-ietf-httpbis-authscheme-registrations/latest/draft-ietf-httpbis-authscheme-registrations.html @ 1402

Last change on this file since 1402 was 1402, checked in by julian.reschke@…, 8 years ago

update P7 reference

File size: 19.1 KB
Line 
1<!DOCTYPE html
2  PUBLIC "-//W3C//DTD HTML 4.01//EN">
3<html lang="en">
4   <head profile="http://www.w3.org/2006/03/hcard http://dublincore.org/documents/2008/08/04/dc-html/">
5      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
6      <title>Initial Hypertext&nbsp;Transfer&nbsp;Protocol&nbsp;(HTTP)
7         Authentication&nbsp;Scheme&nbsp;Registrations
8      </title><style type="text/css" title="Xml2Rfc (sans serif)">
9a {
10  text-decoration: none;
11}
12a.smpl {
13  color: black;
14}
15a:hover {
16  text-decoration: underline;
17}
18a:active {
19  text-decoration: underline;
20}
21address {
22  margin-top: 1em;
23  margin-left: 2em;
24  font-style: normal;
25}
26body {
27  color: black;
28  font-family: verdana, helvetica, arial, sans-serif;
29  font-size: 10pt;
30}
31cite {
32  font-style: normal;
33}
34dd {
35  margin-right: 2em;
36}
37dl {
38  margin-left: 2em;
39}
40
41ul.empty {
42  list-style-type: none;
43}
44ul.empty li {
45  margin-top: .5em;
46}
47dl p {
48  margin-left: 0em;
49}
50dt {
51  margin-top: .5em;
52}
53h1 {
54  font-size: 14pt;
55  line-height: 21pt;
56  page-break-after: avoid;
57}
58h1.np {
59  page-break-before: always;
60}
61h1 a {
62  color: #333333;
63}
64h2 {
65  font-size: 12pt;
66  line-height: 15pt;
67  page-break-after: avoid;
68}
69h3, h4, h5, h6 {
70  font-size: 10pt;
71  page-break-after: avoid;
72}
73h2 a, h3 a, h4 a, h5 a, h6 a {
74  color: black;
75}
76img {
77  margin-left: 3em;
78}
79li {
80  margin-left: 2em;
81  margin-right: 2em;
82}
83ol {
84  margin-left: 2em;
85  margin-right: 2em;
86}
87ol.la {
88  list-style-type: lower-alpha;
89}
90ol.ua {
91  list-style-type: upper-alpha;
92}
93ol p {
94  margin-left: 0em;
95}
96p {
97  margin-left: 2em;
98  margin-right: 2em;
99}
100pre {
101  margin-left: 3em;
102  background-color: lightyellow;
103  padding: .25em;
104}
105pre.text2 {
106  border-style: dotted;
107  border-width: 1px;
108  background-color: #f0f0f0;
109  width: 69em;
110}
111pre.inline {
112  background-color: white;
113  padding: 0em;
114}
115pre.text {
116  border-style: dotted;
117  border-width: 1px;
118  background-color: #f8f8f8;
119  width: 69em;
120}
121pre.drawing {
122  border-style: solid;
123  border-width: 1px;
124  background-color: #f8f8f8;
125  padding: 2em;
126}
127table {
128  margin-left: 2em;
129}
130table.tt {
131  vertical-align: top;
132}
133table.full {
134  border-style: outset;
135  border-width: 1px;
136}
137table.headers {
138  border-style: outset;
139  border-width: 1px;
140}
141table.tt td {
142  vertical-align: top;
143}
144table.full td {
145  border-style: inset;
146  border-width: 1px;
147}
148table.tt th {
149  vertical-align: top;
150}
151table.full th {
152  border-style: inset;
153  border-width: 1px;
154}
155table.headers th {
156  border-style: none none inset none;
157  border-width: 1px;
158}
159table.left {
160  margin-right: auto;
161}
162table.right {
163  margin-left: auto;
164}
165table.center {
166  margin-left: auto;
167  margin-right: auto;
168}
169caption {
170  caption-side: bottom;
171  font-weight: bold;
172  font-size: 9pt;
173  margin-top: .5em;
174}
175
176table.header {
177  border-spacing: 1px;
178  width: 95%;
179  font-size: 10pt;
180  color: white;
181}
182td.top {
183  vertical-align: top;
184}
185td.topnowrap {
186  vertical-align: top;
187  white-space: nowrap; 
188}
189table.header td {
190  background-color: gray;
191  width: 50%;
192}
193td.reference {
194  vertical-align: top;
195  white-space: nowrap;
196  padding-right: 1em;
197}
198thead {
199  display:table-header-group;
200}
201ul.toc, ul.toc ul {
202  list-style: none;
203  margin-left: 1.5em;
204  margin-right: 0em;
205  padding-left: 0em;
206}
207ul.toc li {
208  line-height: 150%;
209  font-weight: bold;
210  font-size: 10pt;
211  margin-left: 0em;
212  margin-right: 0em;
213}
214ul.toc li li {
215  line-height: normal;
216  font-weight: normal;
217  font-size: 9pt;
218  margin-left: 0em;
219  margin-right: 0em;
220}
221li.excluded {
222  font-size: 0pt;
223}
224ul p {
225  margin-left: 0em;
226}
227
228.comment {
229  background-color: yellow;
230}
231.center {
232  text-align: center;
233}
234.error {
235  color: red;
236  font-style: italic;
237  font-weight: bold;
238}
239.figure {
240  font-weight: bold;
241  text-align: center;
242  font-size: 9pt;
243}
244.filename {
245  color: #333333;
246  font-weight: bold;
247  font-size: 12pt;
248  line-height: 21pt;
249  text-align: center;
250}
251.fn {
252  font-weight: bold;
253}
254.hidden {
255  display: none;
256}
257.left {
258  text-align: left;
259}
260.right {
261  text-align: right;
262}
263.title {
264  color: #990000;
265  font-size: 18pt;
266  line-height: 18pt;
267  font-weight: bold;
268  text-align: center;
269  margin-top: 36pt;
270}
271.vcardline {
272  display: block;
273}
274.warning {
275  font-size: 14pt;
276  background-color: yellow;
277}
278
279
280@media print {
281  .noprint {
282    display: none;
283  }
284 
285  a {
286    color: black;
287    text-decoration: none;
288  }
289
290  table.header {
291    width: 90%;
292  }
293
294  td.header {
295    width: 50%;
296    color: black;
297    background-color: white;
298    vertical-align: top;
299    font-size: 12pt;
300  }
301
302  ul.toc a::after {
303    content: leader('.') target-counter(attr(href), page);
304  }
305 
306  ul.ind li li a {
307    content: target-counter(attr(href), page);
308  }
309 
310  .print2col {
311    column-count: 2;
312    -moz-column-count: 2;
313    column-fill: auto;
314  }
315}
316
317@page {
318  @top-left {
319       content: "Internet-Draft"; 
320  } 
321  @top-right {
322       content: "August 2011"; 
323  } 
324  @top-center {
325       content: "HTTP Authentication Scheme Registrations"; 
326  } 
327  @bottom-left {
328       content: "Reschke"; 
329  } 
330  @bottom-center {
331       content: "Expires February 24, 2012"; 
332  } 
333  @bottom-right {
334       content: "[Page " counter(page) "]"; 
335  } 
336}
337
338@page:first { 
339    @top-left {
340      content: normal;
341    }
342    @top-right {
343      content: normal;
344    }
345    @top-center {
346      content: normal;
347    }
348}
349</style><link rel="Contents" href="#rfc.toc">
350      <link rel="Author" href="#rfc.authors">
351      <link rel="Copyright" href="#rfc.copyrightnotice">
352      <link rel="Chapter" title="1 Introduction" href="#rfc.section.1">
353      <link rel="Chapter" title="2 Security Considerations" href="#rfc.section.2">
354      <link rel="Chapter" title="3 IANA Considerations" href="#rfc.section.3">
355      <link rel="Chapter" href="#rfc.section.4" title="4 Normative References">
356      <link rel="Appendix" title="A Initial Registry Contents" href="#rfc.section.A">
357      <link rel="Appendix" title="B Change Log (to be removed by RFC Editor before publication)" href="#rfc.section.B">
358      <meta name="generator" content="http://greenbytes.de/tech/webdav/rfc2629.xslt, Revision 1.553, 2011-07-27 17:45:31, XSLT vendor: SAXON 8.9 from Saxonica http://www.saxonica.com/">
359      <link rel="schema.dct" href="http://purl.org/dc/terms/">
360      <meta name="dct.creator" content="Reschke, J. F.">
361      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-authscheme-registrations-latest">
362      <meta name="dct.issued" scheme="ISO8601" content="2011-08-23">
363      <meta name="dct.abstract" content="This document registers Hypertext Transfer Protocol (HTTP) authentication schemes which have been defined in standards-track RFCs before the IANA HTTP Authentication Scheme Registry was established.">
364      <meta name="description" content="This document registers Hypertext Transfer Protocol (HTTP) authentication schemes which have been defined in standards-track RFCs before the IANA HTTP Authentication Scheme Registry was established.">
365   </head>
366   <body>
367      <table class="header">
368         <tbody>
369            <tr>
370               <td class="left">HTTPbis Working Group</td>
371               <td class="right">J. Reschke</td>
372            </tr>
373            <tr>
374               <td class="left">Internet-Draft</td>
375               <td class="right">greenbytes</td>
376            </tr>
377            <tr>
378               <td class="left">Intended status: Informational</td>
379               <td class="right">August 23, 2011</td>
380            </tr>
381            <tr>
382               <td class="left">Expires: February 24, 2012</td>
383               <td class="right"></td>
384            </tr>
385         </tbody>
386      </table>
387      <p class="title">Initial Hypertext&nbsp;Transfer&nbsp;Protocol&nbsp;(HTTP) Authentication&nbsp;Scheme&nbsp;Registrations<br><span class="filename">draft-ietf-httpbis-authscheme-registrations-latest</span></p>
388      <h1 id="rfc.abstract"><a href="#rfc.abstract">Abstract</a></h1> 
389      <p>This document registers Hypertext Transfer Protocol (HTTP) authentication schemes which have been defined in standards-track
390         RFCs before the IANA HTTP Authentication Scheme Registry was established.
391      </p> 
392      <h1 id="rfc.note.1"><a href="#rfc.note.1">Editorial Note (To be removed by RFC Editor)</a></h1> 
393      <p>Discussion of this draft should take place on the HTTPBIS working group mailing list (ietf-http-wg@w3.org), which is archived
394         at &lt;<a href="http://lists.w3.org/Archives/Public/ietf-http-wg/">http://lists.w3.org/Archives/Public/ietf-http-wg/</a>&gt;.
395      </p> 
396      <p>The current issues list is at &lt;<a href="http://trac.tools.ietf.org/wg/httpbis/trac/query?component=authscheme-registrations">http://trac.tools.ietf.org/wg/httpbis/trac/query?component=authscheme-registrations</a>&gt; and related documents (including fancy diffs) can be found at &lt;<a href="http://tools.ietf.org/wg/httpbis/">http://tools.ietf.org/wg/httpbis/</a>&gt;.
397      </p> 
398      <p>The changes in this draft are summarized in <a href="#changes.since.01" title="Since draft-ietf-httpbis-authscheme-registrations-01">Appendix&nbsp;B.2</a>.
399      </p> 
400      <h1><a id="rfc.status" href="#rfc.status">Status of This Memo</a></h1>
401      <p>This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.</p>
402      <p>Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute
403         working documents as Internet-Drafts. The list of current Internet-Drafts is at <a href="http://datatracker.ietf.org/drafts/current/">http://datatracker.ietf.org/drafts/current/</a>.
404      </p>
405      <p>Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other
406         documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work
407         in progress”.
408      </p>
409      <p>This Internet-Draft will expire on February 24, 2012.</p>
410      <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
411      <p>Copyright © 2011 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
412      <p>This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (<a href="http://trustee.ietf.org/license-info">http://trustee.ietf.org/license-info</a>) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights
413         and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License
414         text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified
415         BSD License.
416      </p>
417      <hr class="noprint">
418      <h1 class="np" id="rfc.toc"><a href="#rfc.toc">Table of Contents</a></h1>
419      <ul class="toc">
420         <li>1.&nbsp;&nbsp;&nbsp;<a href="#introduction">Introduction</a></li>
421         <li>2.&nbsp;&nbsp;&nbsp;<a href="#security.considerations">Security Considerations</a></li>
422         <li>3.&nbsp;&nbsp;&nbsp;<a href="#iana.considerations">IANA Considerations</a></li>
423         <li>4.&nbsp;&nbsp;&nbsp;<a href="#rfc.references">Normative References</a></li>
424         <li><a href="#rfc.authors">Author's Address</a></li>
425         <li>A.&nbsp;&nbsp;&nbsp;<a href="#initial.registry.contents">Initial Registry Contents</a></li>
426         <li>B.&nbsp;&nbsp;&nbsp;<a href="#change.log">Change Log (to be removed by RFC Editor before publication)</a><ul>
427               <li>B.1&nbsp;&nbsp;&nbsp;<a href="#changes.since.00">Since draft-ietf-httpbis-authscheme-registrations-00</a></li>
428               <li>B.2&nbsp;&nbsp;&nbsp;<a href="#changes.since.01">Since draft-ietf-httpbis-authscheme-registrations-01</a></li>
429            </ul>
430         </li>
431      </ul>
432      <h1 id="rfc.section.1" class="np"><a href="#rfc.section.1">1.</a>&nbsp;<a id="introduction" href="#introduction">Introduction</a></h1>
433      <p id="rfc.section.1.p.1">This document registers Hypertext Transfer Protocol (HTTP) authentication schemes which have been defined in standards-track
434         RFCs before the IANA HTTP Authentication Scheme Registry was established.
435      </p>
436      <h1 id="rfc.section.2"><a href="#rfc.section.2">2.</a>&nbsp;<a id="security.considerations" href="#security.considerations">Security Considerations</a></h1>
437      <p id="rfc.section.2.p.1">There are no security considerations related to the registration itself.</p>
438      <h1 id="rfc.section.3"><a href="#rfc.section.3">3.</a>&nbsp;<a id="iana.considerations" href="#iana.considerations">IANA Considerations</a></h1>
439      <p id="rfc.section.3.p.1"> <a href="#initial.registry.contents" title="Initial Registry Contents">Appendix&nbsp;A</a> provides initial registrations of HTTP authentication schemes for the IANA HTTP Authentication Scheme registry at &lt;<a href="http://www.iana.org/assignments/http-authschemes">http://www.iana.org/assignments/http-authschemes</a>&gt; (see <a href="draft-ietf-httpbis-p7-auth-16.html#authentication.scheme.registry" title="Authentication Scheme Registry">Section 2.3</a> of <a href="#draft-ietf-httpbis-p7-auth"><cite title="HTTP/1.1, part 7: Authentication">[draft-ietf-httpbis-p7-auth]</cite></a>).
440      </p>
441      <h1 id="rfc.references"><a href="#rfc.section.4" id="rfc.section.4">4.</a> Normative References
442      </h1>
443      <table>     
444         <tr>
445            <td class="reference"><b id="RFC2617">[RFC2617]</b></td>
446            <td class="top"><a href="mailto:john@math.nwu.edu" title="Northwestern University, Department of Mathematics">Franks, J.</a>, <a href="mailto:pbaker@verisign.com" title="Verisign Inc.">Hallam-Baker, P.</a>, <a href="mailto:jeff@AbiSource.com" title="AbiSource, Inc.">Hostetler, J.</a>, <a href="mailto:lawrence@agranat.com" title="Agranat Systems, Inc.">Lawrence, S.</a>, <a href="mailto:paulle@microsoft.com" title="Microsoft Corporation">Leach, P.</a>, Luotonen, A., and <a href="mailto:stewart@OpenMarket.com" title="Open Market, Inc.">L. Stewart</a>, “<a href="http://tools.ietf.org/html/rfc2617">HTTP Authentication: Basic and Digest Access Authentication</a>”, RFC&nbsp;2617, June&nbsp;1999.
447            </td>
448         </tr>
449         <tr>
450            <td class="reference"><b id="RFC4559">[RFC4559]</b></td>
451            <td class="top">Jaganathan, K., Zhu, L., and J. Brezak, “<a href="http://tools.ietf.org/html/rfc4559">SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows</a>”, RFC&nbsp;4559, June&nbsp;2006.
452            </td>
453         </tr>
454         <tr>
455            <td class="reference"><b id="draft-ietf-httpbis-p7-auth">[draft-ietf-httpbis-p7-auth]</b></td>
456            <td class="top"><a href="mailto:fielding@gbiv.com" title="Day Software">Fielding, R., Ed.</a>, <a href="mailto:jg@freedesktop.org" title="Alcatel-Lucent Bell Labs">Gettys, J.</a>, <a href="mailto:JeffMogul@acm.org" title="Hewlett-Packard Company">Mogul, J.</a>, <a href="mailto:henrikn@microsoft.com" title="Microsoft Corporation">Frystyk, H.</a>, <a href="mailto:LMM@acm.org" title="Adobe Systems, Incorporated">Masinter, L.</a>, <a href="mailto:paulle@microsoft.com" title="Microsoft Corporation">Leach, P.</a>, <a href="mailto:timbl@w3.org" title="World Wide Web Consortium">Berners-Lee, T.</a>, <a href="mailto:ylafon@w3.org" title="World Wide Web Consortium">Lafon, Y., Ed.</a>, and <a href="mailto:julian.reschke@greenbytes.de" title="greenbytes GmbH">J. Reschke, Ed.</a>, “<a href="http://tools.ietf.org/html/draft-ietf-httpbis-p7-auth-16">HTTP/1.1, part 7: Authentication</a>”, Internet-Draft&nbsp;draft-ietf-httpbis-p7-auth-16 (work in progress), August&nbsp;2011.
457            </td>
458         </tr>
459      </table>
460      <div class="avoidbreak">
461         <h1 id="rfc.authors"><a href="#rfc.authors">Author's Address</a></h1>
462         <address class="vcard"><span class="vcardline"><span class="fn">Julian F. Reschke</span><span class="n hidden"><span class="family-name">Reschke</span><span class="given-name">Julian F.</span></span></span><span class="org vcardline">greenbytes GmbH</span><span class="adr"><span class="street-address vcardline">Hafenweg 16</span><span class="vcardline"><span class="locality">Muenster</span>, <span class="region">NW</span>&nbsp;<span class="postal-code">48155</span></span><span class="country-name vcardline">Germany</span></span><span class="vcardline">Email: <a href="mailto:julian.reschke@greenbytes.de"><span class="email">julian.reschke@greenbytes.de</span></a></span><span class="vcardline">URI: <a href="http://greenbytes.de/tech/webdav/" class="url">http://greenbytes.de/tech/webdav/</a></span></address>
463      </div>
464      <h1 id="rfc.section.A" class="np"><a href="#rfc.section.A">A.</a>&nbsp;<a id="initial.registry.contents" href="#initial.registry.contents">Initial Registry Contents</a></h1>
465      <div id="rfc.table.u.1">
466         <table class="tt full left" cellpadding="3" cellspacing="0">
467            <thead>
468               <tr>
469                  <th>Authentication Scheme Name</th>
470                  <th>Reference</th>
471                  <th>Notes</th>
472               </tr>
473            </thead>
474            <tbody>
475               <tr>
476                  <td class="left">Basic</td>
477                  <td class="left"><a href="#RFC2617"><cite title="HTTP Authentication: Basic and Digest Access Authentication">[RFC2617]</cite></a>, <a href="http://tools.ietf.org/html/rfc2617#section-2">Section 2</a></td>
478                  <td class="left"></td>
479               </tr>
480               <tr>
481                  <td class="left">Digest</td>
482                  <td class="left"><a href="#RFC2617"><cite title="HTTP Authentication: Basic and Digest Access Authentication">[RFC2617]</cite></a>, <a href="http://tools.ietf.org/html/rfc2617#section-3">Section 3</a></td>
483                  <td class="left"></td>
484               </tr>
485               <tr>
486                  <td class="left">Negotiate</td>
487                  <td class="left"><a href="#RFC4559"><cite title="SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows">[RFC4559]</cite></a>, <a href="http://tools.ietf.org/html/rfc4559#section-3">Section 3</a></td>
488                  <td class="left">This authentication scheme violates both HTTP semantics (being connection-oriented) and syntax (use of syntax incompatible
489                     with the WWW-Authenticate and Authorization header field syntax).
490                  </td>
491               </tr>
492            </tbody>
493         </table>
494      </div>
495      <h1 id="rfc.section.B"><a href="#rfc.section.B">B.</a>&nbsp;<a id="change.log" href="#change.log">Change Log (to be removed by RFC Editor before publication)</a></h1>
496      <h2 id="rfc.section.B.1"><a href="#rfc.section.B.1">B.1</a>&nbsp;<a id="changes.since.00" href="#changes.since.00">Since draft-ietf-httpbis-authscheme-registrations-00</a></h2>
497      <p id="rfc.section.B.1.p.1">Update draft-ietf-httpbis-p7-auth reference.</p>
498      <h2 id="rfc.section.B.2"><a href="#rfc.section.B.2">B.2</a>&nbsp;<a id="changes.since.01" href="#changes.since.01">Since draft-ietf-httpbis-authscheme-registrations-01</a></h2>
499      <p id="rfc.section.B.2.p.1">Update draft-ietf-httpbis-p7-auth reference.</p>
500      <p id="rfc.section.B.2.p.2">Closed issues: </p>
501      <ul>
502         <li> &lt;<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/308">http://tools.ietf.org/wg/httpbis/trac/ticket/308</a>&gt;: "need to reserve 'negotiate' as auth scheme name"
503         </li>
504      </ul>
505   </body>
506</html>
Note: See TracBrowser for help on using the repository browser.