Skip to main content

HTTP Authentication Extensions for Interactive Clients

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Yutaka Oiwa , Hajime Watanabe , Hiromitsu Takagi , Boku Kihara, Tatsuya Hayashi , Yuichi Ioku
Last updated 2012-12-06 (Latest revision 2012-06-04)
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document specifies a few extensions of HTTP authentication framework for interactive clients. Recently, fundamental features of HTTP-level authentication is not enough for complex requirements of various Web-based applications. This makes these applications to implement their own authentication frameworks using HTML Forms and other means, which becomes one of the hurdles against introducing secure authentication mechanisms handled jointly by servers and user- agent clients. The extended framework fills gaps between Web application requirements and HTTP authentication provisions to solve the above problems, while maintaining compatibility against existing Web and non-Web uses of HTTP authentications.


Yutaka Oiwa
Hajime Watanabe
Hiromitsu Takagi
Boku Kihara
Tatsuya Hayashi
Yuichi Ioku

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)