Technical Summary
This document specifies cryptographic algorithms for use with the
Mutual user authentication method for the Hyper-text Transport
Protocol (HTTP).
Working Group Summary
This document is one in a three-part set of documents describing the
Mutual-Auth authentication method for HTTP. This part describes the
cryptographic algorithms for use with MutualAuth. The algorithms are
based on Augmented Password-based Authenticated Key Exchange
(Augmented PAKE) techniques.
With version -05 it is the consensus of the HTTP-Auth working group
that this document is fit to be published as an experimental RFC.
The document received a moderate amount of review from the working
group. In addition we solicited and received a review from Melinda
Shore.
Document Quality
There are implementations of this protocol written by the authors.
They take the form of a modified web server and a fork of the Firefox
browser that include this functionality.
Personnel
Yoav Nir is the document shepherd.
Kathleen Moriarty is the responsible Area Director.
IANA Note
This document defines four new tokens to be added to the "HTTP Mutual
authentication algorithms" registry.