%% You should probably cite rfc8053 instead of this I-D. @techreport{ietf-httpauth-extension-06, number = {draft-ietf-httpauth-extension-06}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-httpauth-extension/06/}, author = {Yutaka Oiwa and Hajime Watanabe and Hiromitsu Takagi and Tatsuya Hayashi and Yuichi Ioku}, title = {{HTTP Authentication Extensions for Interactive Clients}}, pagetotal = 26, year = 2016, month = may, day = 25, abstract = {This document specifies extensions of HTTP authentication framework for interactive clients. Recently, fundamental features of HTTP- level authentication are insufficient for complex requirements of various Web-based applications. This forces these applications to implement their own authentication frameworks using HTML Forms and other means, which becomes one of the hurdles against introducing secure authentication mechanisms handled jointly by servers and user- agent. The extended framework fills gaps between Web application requirements and HTTP authentication provisions to solve the above problems, while maintaining compatibility against existing Web and non-Web uses of HTTP authentications.}, }