HTTP Authentication Extensions for Interactive Clients

Yutaka Oiwa,Hajime Watanabe,Hiromitsu Takagi,Kaoru Maeda,Tatsuya Hayashi,Yuichi Ioku

HTTP Authentication Extensions for Interactive Clients

2016

Yutaka Oiwa
Hajime Watanabe
Hiromitsu Takagi
Kaoru Maeda
Tatsuya Hayashi
Yuichi Ioku

This document specifies extensions for the HTTP authentication framework for interactive clients. Currently, fundamental features of HTTP-level authentication are insufficient for complex requirements of various Web-based applications. This forces these applications to implement their own authentication frameworks by means like HTML forms, which becomes one of the hurdles against introducing secure authentication mechanisms handled jointly by servers and user-agent. The extended framework fills gaps between Web application requirements and HTTP authentication provisions to solve the above problems, while maintaining compatibility with existing Web and non-Web uses of HTTP authentication.

Keywords:

Challenge-Handshake Authentication Protocol
Multi-factor authentication
Authentication
Lightweight Extensible Authentication Protocol
Generic Bootstrapping Architecture
NTLMSSP
Computer network
Computer security
Server
Authentication protocol
Computer science
Web application
World Wide Web

Correction
Source
Cite
Save
Machine Reading By IdeaReader

References

Citations