RESTful Hypertext Transfer Protocol Application-Layer Authentication Using Generic Security Services
draft-williams-rest-gss-00
| Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Expired".
Expired & archived
|
|
|---|---|---|---|
| Author | Nicolás Williams | ||
| Last updated | 2011-06-06 | ||
| RFC stream | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document describes a method for application-layer authentication in Hypertext Transfer Protocol (HTTP) applications using Generic Security Services Application Programming Interface (GSS-API) mechanisms via, for simplicity, the Simple Authentication and Security Layers (SASL) mechanism bridge known as "GS2". This approach to authentication allows for pluggability, mutual authentication, and channel binding, all with no changes to HTTP nor the Transport Layer Security (TLS). We hope that the use of mutual authentication and channel binding at the application layer will make phishing more difficult. We hope that the use of authentication at the application layer will make REST-GSS deployable.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)