Initial Hypertext Transfer Protocol (HTTP)
Authentication Scheme Registrations
greenbytes GmbH
Hafenweg 16
MuensterNW48155
Germany
julian.reschke@greenbytes.de
http://greenbytes.de/tech/webdav/
HTTPbis Working Group
This document registers Hypertext Transfer Protocol (HTTP)
authentication schemes which have been defined in standards-track RFCs
before the IANA HTTP Authentication Scheme Registry was established.
Discussion of this draft takes place on the HTTPBIS working group
mailing list (ietf-http-wg@w3.org), which is archived at
.
The current issues list is at
and related
documents (including fancy diffs) can be found at
.
The changes in this draft are summarized in .
This document registers Hypertext Transfer Protocol (HTTP)
authentication schemes which have been defined in standards-track RFCs
before the IANA HTTP Authentication Scheme Registry was established.
There are no security considerations related to the registration itself.
provides initial registrations
of HTTP authentication schemes for the IANA HTTP Authentication Scheme registry
at
(see Section 5.1 of ).
Hypertext Transfer Protocol (HTTP/1.1): Authentication
Adobe Systems Incorporated
fielding@gbiv.com
greenbytes GmbH
julian.reschke@greenbytes.de
HTTP Authentication: Basic and Digest Access Authentication
Northwestern University, Department of Mathematics
john@math.nwu.edu
Verisign Inc.
pbaker@verisign.com
AbiSource, Inc.
jeff@AbiSource.com
Agranat Systems, Inc.
lawrence@agranat.com
Microsoft Corporation
paulle@microsoft.com
Netscape Communications Corporation
Open Market, Inc.
stewart@OpenMarket.com
SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows
The OAuth 1.0 Protocol
The OAuth 2.0 Authorization Framework: Bearer Token Usage
Authentication Scheme Name
Reference
Notes
Basic, Section 2
Bearer
Digest, Section 3
Negotiate, Section 3
This authentication scheme violates both HTTP semantics (being connection-oriented)
and syntax (use of syntax incompatible with the WWW-Authenticate and Authorization header field
syntax).
OAuth, Section 3.5.1
Update draft-ietf-httpbis-p7-auth reference.
Update draft-ietf-httpbis-p7-auth reference.
Closed issues:
:
"need to reserve 'negotiate' as auth scheme name"
Update draft-ietf-httpbis-p7-auth reference.
Update draft-ietf-httpbis-p7-auth reference.
Closed issues:
:
"add OAuth auth scheme to initial registry contents"
Update draft-ietf-httpbis-p7-auth reference. Added OAuth 2.0 Bearer scheme.
Update draft-ietf-httpbis-p7-auth reference.
Update draft-ietf-httpbis-p7-auth reference.
Update draft-ietf-httpbis-p7-auth reference.