@techreport{broyer-http-cookie-auth-00,
    number =    {draft-broyer-http-cookie-auth-00},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-broyer-http-cookie-auth/00/},
    author =    {Thomas Broyer},
    title =     {{Cookie-based HTTP Authentication}},
    pagetotal = 11,
    year =      2009,
    month =     jan,
    day =       4,
    abstract =  {This document specifies an HTTP authentication scheme for use when credentials are validated by an out-of-band mechanism (not defined here) and later communicated to the server through the use of a cookie. Which out-of-band mechanism should be used, and how, is described by the 401 (Unauthorized) response body. It is common practice that this mechanism is an HTML form, sending the user's credentials with the use of an HTTP POST request to a tier URL which will set a cookie in response; though this document doesn't preclude the use of other mechanisms.},
}