Mediated Digest Authentication
draft-ietf-http-mda-00
Document | Type |
Expired Internet-Draft
(http WG)
Expired & archived
|
|
---|---|---|---|
Author | Dr. Dave Raggett | ||
Last updated | 1995-04-10 | ||
RFC stream | Internet Engineering Task Force (IETF) | ||
Intended RFC status | (None) | ||
Formats | |||
Additional resources | Mailing list discussion | ||
Stream | WG state | WG Document | |
Document shepherd | (None) | ||
IESG | IESG state | Expired | |
Consensus boilerplate | Unknown | ||
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
As the number of commercial services on the world wide web increases rapidly, the need arises for a means for these services to authenticate clients, and vice versa. A simple scheme can be based on keyed hash functions with a shared secret key for each client/server pair. Key management becomes impractical for both clients and servers when the number of participants is scaled up. This document describes a efficient scheme for using mutually trusted third parties to mediate authentication, as a direct extension of the digest access authentication scheme. The scheme is based upon public domain algorithms, and unlike encryption software, isn't subject to export restrictions. The main benefits to users include: avoiding having to enter separate user names and passwords for each service, and an ability to authenticate servers. It is proposed that the mediated digest authentication scheme be included in the proposed HTTP/1.1 specification.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)