Technical Summary
-----------------
This document specifies a mutual authentication scheme for the
Hypertext Transfer Protocol (HTTP). This scheme provides true mutual
authentication between an HTTP client and an HTTP server using
password-based authentication. Unlike the Basic and Digest
authentication schemes, the Mutual authentication scheme specified in
this document assures the user that the server truly knows the user's
encrypted password.
Working Group Summary
---------------------
This document is one of the experimental documents submitted to the
HTTP-Auth working group.
With version -8 it is the consensus of the HTTP-Auth working group
that this document is fit to be published as an experimental RFC.
Document Quality
----------------
The proposed mutual authentication method has been reviewed by a fair
number of participants.
There is at least one known implementation of this protocol.
Intellectual Property
=====================
The authors declared 2 IPRs:
https://datatracker.ietf.org/ipr/search/?submit=draft&id=draft-ietf-httpauth-mutual
Personnel
---------
Authors: Yutaka Oiwa, Hajime Watanabe, Hiromitsu Takagi, Kaoru Maeda,
Tatsuya Hayashi, and Yuichi Ioku
Shepherd: Rifaat Shekh-Yusef
Area Director: Kathleen Moriarty