Version 7 (modified by y.oiwa@…, 7 years ago) (diff)


HTTP Authentication Proposals

This page tracks proposals for new HTTP authentication schemes.

To make a proposal, please submit an Internet-Draft whose name follows this convention:

draft-{your name}-httpbis-{proposal name}

Current Proposals


A proposal for classification and analysis of HTTPbis authentication proposals.


A proposal for authentication based on SASL/GSS at the application network layer (but at the HTTP API layer).

draft-oiwa-httpbis-mutualauth: HTTP Mutual authentication

A secure HTTP authentication method providing user-server mutual authentication, strong secrecy on passwords, and others. Combined with auth-extension below to support Web application requirements (i.e. to replace Form authentication).

draft-oiwa-httpbis-mutualauth: HTTP authentication extensions for interactive clients

A simple but powerful generic framework extension to HTTP authentication, to enable use of HTTP authentication for recent Web applications.