Explicitly Authenticated Proxy in HTTP/2.0
draft-loreto-httpbis-explicitly-auth-proxy-01

Document Type Expired Internet-Draft (individual)
Authors Salvatore Loreto  , John Preuß Mattsson  , Robert Skog  , Hans Spaak , Gus Bourg  , Dan Druta  , Mohammad Hafeez
Last updated 2015-01-05 (latest revision 2014-07-04)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-loreto-httpbis-explicitly-auth-proxy-01.txt

Abstract

This document proposes the definition of an Explicitly Authenticated Proxy as intermediary of normally unprotected "http" URI scheme requests and responses of HTTP2 traffic. An Explicitly Authenticated Proxy is a message forwarding agent that is selected, with explicit user's consent, and configured by the user agent to receive exclusively "http" URI scheme requests and attempt to satisfy those requests on behalf of the user agent. A client is connected to an Explicitly Authenticated Proxy through an authenticated TLS secured connection. This document describes a method for a user agent to automatically discover and authenticate, and for an user to provide consent for an Explicitly Authenticated Proxy. This enables proxied communication to be encrypted and authenticated, explicitly acknowledged by the user agent and visible to the server end point.

Authors

Salvatore Loreto (Salvatore.Loreto@ericsson.com)
John Preuß Mattsson (john.mattsson@ericsson.com)
Robert Skog (robert.skog@ericsson.com)
Hans Spaak (hans.spaak@ericsson.com)
Gus Bourg (gb3635@att.com)
Dan Druta (dd5826@att.com)
Mohammad Hafeez (mh2897@att.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)