%% You should probably cite rfc8053 instead of this I-D. @techreport{ietf-httpauth-extension-02, number = {draft-ietf-httpauth-extension-02}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-httpauth-extension/02/}, author = {Yutaka Oiwa and Hajime Watanabe and Hiromitsu Takagi and Tatsuya Hayashi and Yuichi Ioku}, title = {{HTTP Authentication Extensions for Interactive Clients}}, pagetotal = 24, year = 2014, month = aug, day = 19, abstract = {This document specifies a few extensions of HTTP authentication framework for interactive clients. Recently, fundamental features of HTTP-level authentication is not enough for complex requirements of various Web-based applications. This makes these applications to implement their own authentication frameworks using HTML Forms and other means, which becomes one of the hurdles against introducing secure authentication mechanisms handled jointly by servers and user- agent clients. The extended framework fills gaps between Web application requirements and HTTP authentication provisions to solve the above problems, while maintaining compatibility against existing Web and non-Web uses of HTTP authentications.}, }