RESTful Hypertext Transfer Protocol Application-Layer Authentication Using Generic Security Services
draft-williams-rest-gss-02
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Author | Nicolás Williams | ||
| Last updated | 2013-01-16 (Latest revision 2012-07-15) | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document describes an application-layer authentication protocol in Hypertext Transfer Protocol (HTTP) applications using Generic Security Services Application Programming Interface (GSS-API) mechanisms. The GSS-API is used, for simplicity, via the Simple Authentication and Security Layers (SASL) mechanism bridge known as "GS2". This approach to authentication allows for simplicity, pluggability, mutual authentication, and channel binding, all with no changes to any vbe ersion of HTTP nor the Transport Layer Security (TLS). Although this is an application-layer protocol, we hope that it will be implemented in HTTP stacks for ease of use. That is, this protocol should be implemented at the HTTP application programming interface (API) layer wherever possible even though it is an application-layer protocol. We hope that the use of authentication at the application layer will make REST-GSS deployable.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)