@techreport{williams-rest-gss-02,
    number =    {draft-williams-rest-gss-02},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-williams-rest-gss/02/},
    author =    {Nicolás Williams},
    title =     {{RESTful Hypertext Transfer Protocol Application-Layer Authentication Using Generic Security Services}},
    pagetotal = 23,
    year =      2012,
    month =     jul,
    day =       15,
    abstract =  {This document describes an application-layer authentication protocol in Hypertext Transfer Protocol (HTTP) applications using Generic Security Services Application Programming Interface (GSS-API) mechanisms. The GSS-API is used, for simplicity, via the Simple Authentication and Security Layers (SASL) mechanism bridge known as "GS2". This approach to authentication allows for simplicity, pluggability, mutual authentication, and channel binding, all with no changes to any vbe ersion of HTTP nor the Transport Layer Security (TLS). Although this is an application-layer protocol, we hope that it will be implemented in HTTP stacks for ease of use. That is, this protocol should be implemented at the HTTP application programming interface (API) layer wherever possible even though it is an application-layer protocol. We hope that the use of authentication at the application layer will make REST-GSS deployable.},
}