A Method for Signing an HTTP Requests for OAuth
draft-richer-oauth-signed-http-request-01

Document Type Replaced Internet-Draft (individual)
Last updated 2014-07-15 (latest revision 2014-04-24)
Replaced by draft-ietf-oauth-signed-http-request
Stream IETF
Intended RFC status Proposed Standard
Formats
Expired & archived
plain text pdf html bibtex
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state Replaced by draft-ietf-oauth-signed-http-request
Consensus Boilerplate Unknown
Telechat date
Responsible AD Kathleen Moriarty
Send notices to oauth-chairs@ietf.org

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-richer-oauth-signed-http-request-01.txt

Abstract

This document a method for offering data origin authentication and integrity protection of HTTP requests. To convey the relevant data items in the request a JSON-based encapsulation is used and the JSON Web Signature (JWS) technique is re-used. JWS offers integrity protection using symmetric as well as asymmetric cryptography.

Authors

Justin Richer (jricher@mitre.org)
John Bradley (ve7jtb@ve7jtb.com)
Hannes Tschofenig (Hannes.Tschofenig@gmx.net)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)