RFC 8053

HTTP Authentication Extensions for Interactive Clients, January 2017

Canonical URL:
https://www.rfc-editor.org/rfc/rfc8053.txt
File formats:
Plain TextPDF
Status:
EXPERIMENTAL
Authors:
Y. Oiwa
H. Watanabe
H. Takagi
K. Maeda
T. Hayashi
Y. Ioku
Stream:
IETF
Source:
httpauth (sec)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC8053

Discuss this RFC: Send questions or comments to http-auth@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This document specifies extensions for the HTTP authentication framework for interactive clients. Currently, fundamental features of HTTP-level authentication are insufficient for complex requirements of various Web-based applications. This forces these applications to implement their own authentication frameworks by means such as HTML forms, which becomes one of the hurdles against introducing secure authentication mechanisms handled jointly by servers and user agents. The extended framework fills gaps between Web application requirements and HTTP authentication provisions to solve the above problems, while maintaining compatibility with existing Web and non-Web uses of HTTP authentication.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×