Skip to main content

Common Template for HTTP Message-based Multi-hop Authentication

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Yutaka Oiwa , Hajime Watanabe , Hiromitsu Takagi , Boku Kihara, Tatsuya Hayashi , Yuichi Ioku
Last updated 2013-08-22 (Latest revision 2013-02-18)
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document specifies a common protocol design template for authentication on the Hyper-text Transport Protocol (HTTP) involving multi-hop message exchanges. To facilitate advanced authentication technologies such as hash-based exchanges, zero-knowledge password proof, or public-key authentications on HTTP, a kind of state management and key management facilities are required on the general HTTP authentication message framework. Also, to optimize performance of such authentication schemes, a well-designed mechanism for key caching and re-authentication are needed. The template defined in this document provides a generic foundation for implementing such advanced authentication technologies.


Yutaka Oiwa
Hajime Watanabe
Hiromitsu Takagi
Boku Kihara
Tatsuya Hayashi
Yuichi Ioku

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)