HTTP Authentication: MAC Access Authentication

Document Type Expired Internet-Draft (individual)
Authors Eran Hammer-Lahav  , Adam Barth  , Ben Adida 
Last updated 2011-05-09 (latest revision 2011-04-29)
Stream (None)
Expired & archived
plain text html xml pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document specifies the HTTP MAC access authentication scheme, an HTTP authentication method using a message authentication code (MAC) algorithm to provide cryptographic verification of portions of HTTP requests. The document also defines an OAuth 2.0 binding for use as an access-token type, as well as an extension attribute to the HTTP Set-Cookie response header field.


Eran Hammer-Lahav (
Adam Barth (
Ben Adida (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)