The Secure HyperText Transfer Protocol, August 1999
- File formats:
- HISTORIC (changed from EXPERIMENTAL)
- E. Rescorla
- wts (sec)
Discuss this RFC: Send questions or comments to the mailing list [email protected]
This memo describes a syntax for securing messages sent using the Hypertext Transfer Protocol (HTTP), which forms the basis for the World Wide Web. Secure HTTP (S-HTTP) provides independently applicable security services for transaction confidentiality, authenticity/integrity and non-repudiability of origin.
The protocol emphasizes maximum flexibility in choice of key management mechanisms, security policies and cryptographic algorithms by supporting option negotiation between parties for each transaction.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.