HTTP Authentication: Third-Party Authentication
draft-smith-http-third-party-authentication-00
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Author | James Smith | ||
| Last updated | 2000-08-09 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
Existing HTTP authentication schemes require knowledge of the secret used to establish the client's identity be known in some manner by the site requiring the authentication. Some situations exist in which a site has a legitimate reason to authenticate a client but cannot be trusted with the information required to authenticate that client. The authentication scheme defined in this document allows a site to authenticate a client via a trusted third-party.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)