Skip to main content

HTTP Authentication: MAC Access Authentication

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Eran Hammer-Lahav , Adam Barth , Ben Adida
Last updated 2011-05-09
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document specifies the HTTP MAC access authentication scheme, an HTTP authentication method using a message authentication code (MAC) algorithm to provide cryptographic verification of portions of HTTP requests. The document also defines an OAuth 2.0 binding for use as an access-token type, as well as an extension attribute to the HTTP Set-Cookie response header field.


Eran Hammer-Lahav
Adam Barth
Ben Adida

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)