Distributed Identity for the Web

Document Type Expired Internet-Draft (individual)
Author Sam Hartman 
Last updated 2006-06-15
Stream (None)
Intended RFC status (None)
Expired & archived
plain text htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


It is often useful to be able to use distributed identity--an identity from one organization for accessing resources from another. for example it would be useful to use an identifier corresponding to your work identity when accessing business partners' websites. Similarly collaborative projects can benefit from distributed identity. This memo proposes a scheme for distributed identity that meets requirements to minimize the risk of phishing attacks for HTTP- based applications including websites.


Sam Hartman (hartmans-ietf@mit.edu)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)