Authors are Stephen Farrell, Paul Hoffman, and Michael Thomas. Kathleen
Moriarty is the responsible Area Directory. Yoav Nir is the document
HTTP Origin-Bound Authentication (HOBA) is a digital signature based
design for an HTTP authentication method. The design can also be
alternative to HTTP authentication schemes that require passwords and
therefore avoids all problems related to passwords, such as leakage
of server-side password databases.
Review and Consensus
This document is one of the experimental documents submitted to the
HTTP-Auth working group. The proposed authentication method has been
reviewed by many participants, mostly in WGLC, resulting in a
longish list in the acknowledgements section and some substantial
With version -07 it is the consensus of the HTTP-Auth working group
that this document is fit to be published as an experimental RFC.
There are at least two implementations of the protocol in this
document (,). They work and interoperate, but there is no
wide-spread deployment, which suggests that "experimental" is the
correct track for this document.
All authors have confirmed that they are not aware of any undisclosed
IPR associated with this document. There have been no IPR disclosures.