Skip to main content

HTTP Authentication Extensions for Interactive Clients

Document Type Expired Internet-Draft (candidate for httpauth WG)
Expired & archived
Authors Yutaka Oiwa , Hajime Watanabe , Hiromitsu Takagi , Boku Kihara, Tatsuya Hayashi , Yuichi Ioku
Last updated 2013-04-10 (Latest revision 2012-06-04)
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Additional resources Mailing list discussion
Stream WG state Call For Adoption By WG Issued
Document shepherd (None)
IESG IESG state Expired
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document specifies a few extensions of HTTP authentication framework for interactive clients. Recently, fundamental features of HTTP-level authentication is not enough for complex requirements of various Web-based applications. This makes these applications to implement their own authentication frameworks using HTML Forms and other means, which becomes one of the hurdles against introducing secure authentication mechanisms handled jointly by servers and user- agent clients. The extended framework fills gaps between Web application requirements and HTTP authentication provisions to solve the above problems, while maintaining compatibility against existing Web and non-Web uses of HTTP authentications.


Yutaka Oiwa
Hajime Watanabe
Hiromitsu Takagi
Boku Kihara
Tatsuya Hayashi
Yuichi Ioku

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)