From nobody Wed Jan 6 20:14:55 2016 Return-Path: X-Original-To: http-auth@ietf.org Delivered-To: http-auth@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id DBACD1A0250; Wed, 6 Jan 2016 20:14:50 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: internet-drafts@ietf.org To: X-Test-IDTracker: no X-IETF-IDTracker: 6.11.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20160107041450.32761.36163.idtracker@ietfa.amsl.com> Date: Wed, 06 Jan 2016 20:14:50 -0800 Archived-At: Cc: http-auth@ietf.org Subject: [http-auth] I-D Action: draft-ietf-httpauth-mutual-06.txt X-BeenThere: http-auth@ietf.org X-Mailman-Version: 2.1.15 List-Id: HTTP authentication methods List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jan 2016 04:14:51 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Hypertext Transfer Protocol Authentication Working Group of the IETF. Title : Mutual Authentication Protocol for HTTP Authors : Yutaka Oiwa Hajime Watanabe Hiromitsu Takagi Kaoru Maeda Tatsuya Hayashi Yuichi Ioku Filename : draft-ietf-httpauth-mutual-06.txt Pages : 56 Date : 2016-01-06 Abstract: This document specifies a mutual authentication method for the Hyper- text Transfer Protocol (HTTP). This method provides a true mutual authentication between an HTTP client and an HTTP server using password-based authentication. Unlike the Basic and Digest authentication methods, the Mutual authentication method specified in this document assures the user that the server truly knows the user's encrypted password. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-httpauth-mutual/ There's also a htmlized version available at: https://tools.ietf.org/html/draft-ietf-httpauth-mutual-06 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-httpauth-mutual-06 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Wed Jan 6 20:15:15 2016 Return-Path: X-Original-To: http-auth@ietf.org Delivered-To: http-auth@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 8182C1A1A14; Wed, 6 Jan 2016 20:15:04 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: internet-drafts@ietf.org To: X-Test-IDTracker: no X-IETF-IDTracker: 6.11.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20160107041504.28808.71845.idtracker@ietfa.amsl.com> Date: Wed, 06 Jan 2016 20:15:04 -0800 Archived-At: Cc: http-auth@ietf.org Subject: [http-auth] I-D Action: draft-ietf-httpauth-mutual-algo-04.txt X-BeenThere: http-auth@ietf.org X-Mailman-Version: 2.1.15 List-Id: HTTP authentication methods List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jan 2016 04:15:04 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Hypertext Transfer Protocol Authentication Working Group of the IETF. Title : Mutual Authentication Protocol for HTTP: KAM3-based Cryptographic Algorithms Authors : Yutaka Oiwa Hajime Watanabe Hiromitsu Takagi Kaoru Maeda Tatsuya Hayashi Yuichi Ioku Filename : draft-ietf-httpauth-mutual-algo-04.txt Pages : 16 Date : 2016-01-06 Abstract: This document specifies some cryptographic algorithms which will be used for the Mutual user authentication method for the Hyper-text Transport Protocol (HTTP). The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-httpauth-mutual-algo/ There's also a htmlized version available at: https://tools.ietf.org/html/draft-ietf-httpauth-mutual-algo-04 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-httpauth-mutual-algo-04 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Wed Jan 6 20:15:18 2016 Return-Path: X-Original-To: http-auth@ietf.org Delivered-To: http-auth@ietfa.amsl.com Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id B626C1A0367; Wed, 6 Jan 2016 20:15:07 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit From: internet-drafts@ietf.org To: X-Test-IDTracker: no X-IETF-IDTracker: 6.11.0 Auto-Submitted: auto-generated Precedence: bulk Message-ID: <20160107041507.26334.5387.idtracker@ietfa.amsl.com> Date: Wed, 06 Jan 2016 20:15:07 -0800 Archived-At: Cc: http-auth@ietf.org Subject: [http-auth] I-D Action: draft-ietf-httpauth-extension-05.txt X-BeenThere: http-auth@ietf.org X-Mailman-Version: 2.1.15 List-Id: HTTP authentication methods List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jan 2016 04:15:07 -0000 A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Hypertext Transfer Protocol Authentication Working Group of the IETF. Title : HTTP Authentication Extensions for Interactive Clients Authors : Yutaka Oiwa Hajime Watanabe Hiromitsu Takagi Tatsuya Hayashi Yuichi Ioku Filename : draft-ietf-httpauth-extension-05.txt Pages : 26 Date : 2016-01-06 Abstract: This document specifies a few extensions of HTTP authentication framework for interactive clients. Recently, fundamental features of HTTP-level authentication is not enough for complex requirements of various Web-based applications. This makes these applications to implement their own authentication frameworks using HTML Forms and other means, which becomes one of the hurdles against introducing secure authentication mechanisms handled jointly by servers and user- agent clients. The extended framework fills gaps between Web application requirements and HTTP authentication provisions to solve the above problems, while maintaining compatibility against existing Web and non-Web uses of HTTP authentications. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-httpauth-extension/ There's also a htmlized version available at: https://tools.ietf.org/html/draft-ietf-httpauth-extension-05 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-ietf-httpauth-extension-05 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From nobody Tue Jan 19 14:14:43 2016 Return-Path: X-Original-To: http-auth@ietfa.amsl.com Delivered-To: http-auth@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD39F1ACDFD for ; Tue, 19 Jan 2016 14:14:41 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.999 X-Spam-Level: X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id glCh7PJC8L6t for ; Tue, 19 Jan 2016 14:14:40 -0800 (PST) Received: from mail-pf0-x235.google.com (mail-pf0-x235.google.com [IPv6:2607:f8b0:400e:c00::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E05A51A037F for ; Tue, 19 Jan 2016 14:14:39 -0800 (PST) Received: by mail-pf0-x235.google.com with SMTP id e65so182831678pfe.0 for ; Tue, 19 Jan 2016 14:14:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:references:from:to:message-id:date:user-agent:mime-version :in-reply-to:content-type; bh=xlcdtdKGM4c+pc9YuAeUJVAVYRTXL8YCXHLVGjieXJw=; b=wzEVfUpA1T+PCzGyyu4gJIMOvoRK4CrEAApAuTs+S7qLPyRYs0+Z6e4TyHV7ixn/Aq uip+T79Ebdgd/raR6Kj2NlSJ7g18hTYhKUbnFiZ/tt2ItUybNwRElsOgU5RS9l1tqQe1 zb1N9m0d2cGotOa5LiXEfiRhNnzKVemplEuKBA0oy4em6XZqAPBsVJ1ygKngnHcYJCsK 5t9aCWi6FBNLyhQYPsX1kPD9frJstocxvzJiMAfQ17cqx4iVaekPiqga84SYRcJKCpd9 /LVd+IrPKOt7gsNfeivzQ/NbaKdCmDrrl31lvAWDCFwEN6U1u6zj1ZdOPlK6xnYRsWBR sMdg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:references:from:to:message-id:date :user-agent:mime-version:in-reply-to:content-type; bh=xlcdtdKGM4c+pc9YuAeUJVAVYRTXL8YCXHLVGjieXJw=; b=XHeiDqEwNr6/zfHwgGEFy442ai5Yd+mi/jC0L12OAJtG77d7U6ELjuK5793jvzLjbu +UAyOrRb5qpMzzdYnTPn1rxeveJsLuphix4yQTxOLz4SwcCS0/si7ZM4EVKscCbA9HLj fOBBdzYUCwRP7A8etKgTd/wC8q2wMXwDRhOMBLR8GxkqcHI0ggTWMf7NJozYWC6m8KFN 97g9j7rNFx12XEjBx/Ewu1wiB4k9o28dQOKs71XIIWEweOa9k6igLvq7iPahzSs49D0p o3DE1obyvRkYyfz4gAa8KU4yiQ2M3viBLkQTS+RvQhx3C6CIYH5ILrSe85plB4YkLpqZ tK1g== X-Gm-Message-State: ALoCoQl0mxeAdYSVGPSwwiJbZ8ASHDibEgAfcsr4zbfMNq1ARQXEvCRMDPYUm+4/na2ziMH6qpUL8hozvVdu4086qwvaBEyFNw== X-Received: by 10.98.80.135 with SMTP id g7mr47850752pfj.132.1453241679538; Tue, 19 Jan 2016 14:14:39 -0800 (PST) Received: from [172.16.121.230] ([103.15.250.10]) by smtp.gmail.com with ESMTPSA id i76sm43718611pfj.68.2016.01.19.14.14.36 for (version=TLSv1/SSLv3 cipher=OTHER); Tue, 19 Jan 2016 14:14:38 -0800 (PST) References: <20160119003939.32412.79468.idtracker@ietfa.amsl.com> From: Yaron Sheffer To: http-auth@ietf.org X-Forwarded-Message-Id: <20160119003939.32412.79468.idtracker@ietfa.amsl.com> Message-ID: <569EB541.7010506@gmail.com> Date: Wed, 20 Jan 2016 00:14:25 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1 MIME-Version: 1.0 In-Reply-To: <20160119003939.32412.79468.idtracker@ietfa.amsl.com> Content-Type: multipart/alternative; boundary="------------060608030305070506010006" Archived-At: Subject: [http-auth] Fwd: New Version Notification for draft-yusef-httpauth-srp-scheme-02.txt X-BeenThere: http-auth@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: HTTP authentication methods List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Jan 2016 22:14:42 -0000 This is a multi-part message in MIME format. --------------060608030305070506010006 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Hi, Rifaat and I submitted this new version yesterday, with more clarity on initial discovery of the authentication realm, and a bunch of smaller changes. Comments and questions are most welcome! Yaron -------- Forwarded Message -------- Subject: New Version Notification for draft-yusef-httpauth-srp-scheme-02.txt Date: Mon, 18 Jan 2016 16:39:39 -0800 From: internet-drafts@ietf.org To: Rifaat Shekh-Yusef , Yaron Sheffer A new version of I-D, draft-yusef-httpauth-srp-scheme-02.txt has been successfully submitted by Rifaat Shekh-Yusef and posted to the IETF repository. Name: draft-yusef-httpauth-srp-scheme Revision: 02 Title: HTTP Secure Remote Password (SRP) Authentication Scheme Document date: 2016-01-18 Group: Individual Submission Pages: 11 URL: https://www.ietf.org/internet-drafts/draft-yusef-httpauth-srp-scheme-02.txt Status: https://datatracker.ietf.org/doc/draft-yusef-httpauth-srp-scheme/ Htmlized: https://tools.ietf.org/html/draft-yusef-httpauth-srp-scheme-02 Diff: https://www.ietf.org/rfcdiff?url2=draft-yusef-httpauth-srp-scheme-02 Abstract: This document defines an HTTP Authentication Scheme that is based on the Secure Remote Password (SRP) protocol. The SRP protocol is an Augmented Password Authenticated Key Exchange (PAKE) protocol suitable for authenticating users and exchanging keys over an untrusted network. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat --------------060608030305070506010006 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit Hi,

Rifaat and I submitted this new version yesterday, with more clarity on initial discovery of the authentication realm, and a bunch of smaller changes.

Comments and questions are most welcome!

    Yaron

-------- Forwarded Message --------
Subject: New Version Notification for draft-yusef-httpauth-srp-scheme-02.txt
Date: Mon, 18 Jan 2016 16:39:39 -0800
From: internet-drafts@ietf.org
To: Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>, Yaron Sheffer <yaronf.ietf@gmail.com> 


A new version of I-D, draft-yusef-httpauth-srp-scheme-02.txt
has been successfully submitted by Rifaat Shekh-Yusef and posted to the
IETF repository.

Name:		draft-yusef-httpauth-srp-scheme
Revision:	02
Title:		HTTP Secure Remote Password (SRP) Authentication Scheme
Document date:	2016-01-18
Group:		Individual Submission
Pages:		11
URL:            https://www.ietf.org/internet-drafts/draft-yusef-httpauth-srp-scheme-02.txt
Status:         https://datatracker.ietf.org/doc/draft-yusef-httpauth-srp-scheme/
Htmlized:       https://tools.ietf.org/html/draft-yusef-httpauth-srp-scheme-02
Diff:           https://www.ietf.org/rfcdiff?url2=draft-yusef-httpauth-srp-scheme-02

Abstract:
   This document defines an HTTP Authentication Scheme that is based on
   the Secure Remote Password (SRP) protocol.  The SRP protocol is an
   Augmented Password Authenticated Key Exchange (PAKE) protocol
   suitable for authenticating users and exchanging keys over an
   untrusted network.

                                                                                  


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat


--------------060608030305070506010006--