HTTP Mutual authentication protocol

The Internet-Draft

Previous versions are available as draft-oiwa-http-mutualauth

  • To implement it, you may need a crypto suite separately: one example is available as



  • Strong authentication using password or any possibly-weak shared secrets
    • Secrets will never be leaked to eavesdroppers and protocol recipients, even if they exploit exhaustive searches on possible passwords
      • For cryptographers: using PAKE (or ZKPP) for it
  • Strong mutual authentication: Web users can distinguish their registered Websites from fake servers, protection against web frauds
  • Strictly based on HTTP 2617 or httpbis-p7, allowing easy system integration
  • Additional support for Web applications using a companion proposal
    • Support for guest users, log-out control, page navigation on authentication events, and more
    • See that proposal for more details
  • Strict channel binding to HTTPS, also forwarding detection on plain HTTP
  • Fixed several loopholes of Digest
    • Strong-enough hashes, no fixed cryptographic primitives, strict replay attack protection within fixed amount of memory (per each session key)


Reference implementations are available on project homepage

  • Web browser (modified Mozilla Firefox)
  • Web server module (Apache module)

We also have 2nd implementations on each side: a standalone client, and purely Ruby-based server implementation (to be published).

Comparisons (or non-comparisons)

Please refer draft Section 1 for comparisons (or non-conflicting relations) to existing technologies.

Possible deployments

  • Replacing Basic and Digest is quite easy: it's just a drop-in replacement sharing httpbis-p7 framework. For Digest, even password DB can be migrated.
  • Replacing Web Forms: the pair of this proposal and the companion can be considered as pre-implemented API framework: refer section 5 of the companion draft for possible deployment tactics.
    • If you really want, on several application server frameworks (i.e. except Apache), you can implement the whole protocol on the web application layer (contrary to web-server layer).
Last modified 10 years ago Last modified on 25/06/12 08:59:15