Changes between Version 19 and Version 20 of HttpAuthProposals

Timestamp:

Oct 14, 2012, 5:10:40 AM (7 years ago)

Author:

hannes.tschofenig@…

Comment:

--

HttpAuthProposals

@@ -40 +40 @@
    A WITHRDRAWN (replaced with RESTauth) proposal for authentication based on SASL/GSS at the application network layer (but at the HTTP API layer). [http://tools.ietf.org/html/draft-williams-rest-gss-01 HTML version.]
 
-== Input Documents ==
 
 === [http://www.ietf.org/id/draft-williams-httpbis-auth-classification-01.txt Classification] ===
@@ -46 +45 @@
    A proposal for classification and analysis of HTTPbis authentication
    proposals. [http://tools.ietf.org/html/draft-williams-httpbis-auth-classification-01 HTML version.]
+
+=== [http://tools.ietf.org/html/draft-nir-tls-eap-13 TLS-EAP] ===
+
+   This document extends the Transport Layer Security (TLS) protocol
+   with a flexible and widely deployed authentication framework, namely
+   the Extensible Authentication Protocol (EAP), to improve security of
+   Web- as well as non-Web-based applications.  The EAP framework allows
+   so-called EAP methods, i.e. authentication and key exchange
+   protocols, to be plugged into EAP without having to re-design the
+   underlying protocol.  The benefit of such an easy integration is the
+   ability to run authentication protocols that fit a specific
+   deployment environment, both from a credential choice as well as from
+   the security and performance characteristics of the actual protocol.
+
+=== [http://tools.ietf.org/html/draft-tschofenig-secure-the-web Web Security] ===
+
+   This memorandum illustrates a shared vision for how to
+   deal with the most pressing Web security problems.