draft-ietf-httpbis-authscheme-registrations-10.txt   rfc7236.txt 
HTTPbis Working Group J. Reschke Internet Engineering Task Force (IETF) J. Reschke
Internet-Draft greenbytes Request for Comments: 7236 greenbytes
Intended status: Informational February 6, 2014 Category: Informational June 2014
Expires: August 10, 2014 ISSN: 2070-1721
Initial Hypertext Transfer Protocol (HTTP) Initial Hypertext Transfer Protocol (HTTP)
Authentication Scheme Registrations Authentication Scheme Registrations
draft-ietf-httpbis-authscheme-registrations-10
Abstract Abstract
This document registers Hypertext Transfer Protocol (HTTP) This document registers Hypertext Transfer Protocol (HTTP)
authentication schemes which have been defined in RFCs before the authentication schemes that have been defined in RFCs before the IANA
IANA HTTP Authentication Scheme Registry was established. HTTP Authentication Scheme Registry was established.
Editorial Note (To be removed by RFC Editor)
Discussion of this draft takes place on the HTTPBIS working group
mailing list (ietf-http-wg@w3.org), which is archived at
<http://lists.w3.org/Archives/Public/ietf-http-wg/>.
The current issues list is at <http://trac.tools.ietf.org/wg/httpbis/
trac/query?component=authscheme-registrations> and related documents
(including fancy diffs) can be found at
<http://tools.ietf.org/wg/httpbis/>.
The changes in this draft are summarized in Appendix A.2.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This document is not an Internet Standards Track specification; it is
provisions of BCP 78 and BCP 79. published for informational purposes.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Not all documents
approved by the IESG are a candidate for any level of Internet
Standard; see Section 2 of RFC 5741.
This Internet-Draft will expire on August 10, 2014. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7236.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
skipping to change at page 2, line 19 skipping to change at page 2, line 7
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Security Considerations . . . . . . . . . . . . . . . . . . . . 3 2. Security Considerations . . . . . . . . . . . . . . . . . . . . 2
3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 3 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 2
4. Normative References . . . . . . . . . . . . . . . . . . . . . 3 4. Normative References . . . . . . . . . . . . . . . . . . . . . 3
Appendix A. Change Log (to be removed by RFC Editor before
publication) . . . . . . . . . . . . . . . . . . . . . 4
A.1. Since draft-ietf-httpbis-authscheme-registrations-08 . . . 4
A.2. Since draft-ietf-httpbis-authscheme-registrations-09 . . . 4
1. Introduction 1. Introduction
This document registers Hypertext Transfer Protocol (HTTP) This document registers Hypertext Transfer Protocol (HTTP)
authentication schemes which have been defined in RFCs before the authentication schemes that have been defined in RFCs before the IANA
IANA HTTP Authentication Scheme Registry was established. HTTP Authentication Scheme Registry was established.
2. Security Considerations 2. Security Considerations
There are no security considerations related to the registration There are no security considerations related to the registration
itself. itself.
Security considerations applicable to the individual authentication Security considerations applicable to the individual authentication
schemes ought to be discussed in the specifications that define them. schemes ought to be discussed in the specifications that define them.
3. IANA Considerations 3. IANA Considerations
The table below provides registrations of HTTP authentication schemes The registrations below have been added to the IANA "Hypertext
to be added to the IANA HTTP Authentication Scheme registry at Transfer Protocol (HTTP) Authentication Scheme Registry" at
<http://www.iana.org/assignments/http-authschemes> (see Section 5.1 <http://www.iana.org/assignments/http-authschemes> (see Section 5.1
of [draft-ietf-httpbis-p7-auth]). of [RFC7235]).
+----------------+------------+-------------------------------------+ +----------------+------------+-------------------------------------+
| Authentication | Reference | Notes | | Authentication | Reference | Notes |
| Scheme Name | | | | Scheme Name | | |
+----------------+------------+-------------------------------------+ +----------------+------------+-------------------------------------+
| Basic | [RFC2617], | | | Basic | [RFC2617], | |
| | Section 2 | | | | Section 2 | |
| Bearer | [RFC6750] | | | Bearer | [RFC6750] | |
| Digest | [RFC2617], | | | Digest | [RFC2617], | |
| | Section 3 | | | | Section 3 | |
skipping to change at page 3, line 48 skipping to change at page 3, line 7
| | | (use of syntax incompatible with | | | | (use of syntax incompatible with |
| | | the WWW-Authenticate and | | | | the WWW-Authenticate and |
| | | Authorization header field syntax). | | | | Authorization header field syntax). |
| OAuth | [RFC5849], | | | OAuth | [RFC5849], | |
| | Section | | | | Section | |
| | 3.5.1 | | | | 3.5.1 | |
+----------------+------------+-------------------------------------+ +----------------+------------+-------------------------------------+
4. Normative References 4. Normative References
[RFC2617] Franks, J., Hallam-Baker, P., [RFC2617] Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
Hostetler, J., Lawrence, S., Leach, P., Leach, P., Luotonen, A., and L. Stewart, "HTTP
Luotonen, A., and L. Stewart, "HTTP Authentication: Basic and Digest Access Authentication",
Authentication: Basic and Digest Access RFC 2617, June 1999.
Authentication", RFC 2617, June 1999.
[RFC4559] Jaganathan, K., Zhu, L., and J. Brezak,
"SPNEGO-based Kerberos and NTLM HTTP
Authentication in Microsoft Windows",
RFC 4559, June 2006.
[RFC5849] Hammer-Lahav, E., "The OAuth 1.0
Protocol", RFC 5849, April 2010.
[RFC6750] Jones, M. and D. Hardt, "The OAuth 2.0
Authorization Framework: Bearer Token
Usage", RFC 6750, October 2012.
[draft-ietf-httpbis-p7-auth] Fielding, R., Ed. and J. Reschke, Ed.,
"Hypertext Transfer Protocol
(HTTP/1.1): Authentication",
draft-ietf-httpbis-p7-auth-26 (work in
progress), February 2014.
Appendix A. Change Log (to be removed by RFC Editor before publication)
Changes up to the IETF Last Call draft are summarized in <http://
trac.tools.ietf.org/html/
draft-ietf-httpbis-authscheme-registrations-08#appendix-B>.
A.1. Since draft-ietf-httpbis-authscheme-registrations-08
Closed issues:
o <http://tools.ietf.org/wg/httpbis/trac/ticket/514>: "registration
tables should be inside IANA considerations"
Clarified the IANA action to say "add".
Updated httpbis reference.
A.2. Since draft-ietf-httpbis-authscheme-registrations-09 [RFC4559] Jaganathan, K., Zhu, L., and J. Brezak, "SPNEGO-based
Kerberos and NTLM HTTP Authentication in Microsoft
Windows", RFC 4559, June 2006.
Closed issues: [RFC5849] Hammer-Lahav, E., "The OAuth 1.0 Protocol", RFC 5849,
April 2010.
o <http://tools.ietf.org/wg/httpbis/trac/ticket/530>: [RFC6750] Jones, M. and D. Hardt, "The OAuth 2.0 Authorization
"draft-ietf-httpbis-authscheme-registrations-09" Framework: Bearer Token Usage", RFC 6750, October 2012.
Updated httpbis reference. [RFC7235] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
Protocol (HTTP/1.1): Authentication", RFC 7235, June 2014.
Author's Address Author's Address
Julian F. Reschke Julian F. Reschke
greenbytes GmbH greenbytes GmbH
Hafenweg 16 Hafenweg 16
Muenster, NW 48155 Muenster, NW 48155
Germany Germany
EMail: julian.reschke@greenbytes.de EMail: julian.reschke@greenbytes.de
 End of changes. 17 change blocks. 
89 lines changed or deleted 39 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/