HTTP Authentication with EAP
draft-torvinen-http-eap-01

Document Type Expired Internet-Draft (individual)
Last updated 2001-11-21
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-torvinen-http-eap-01.txt

Abstract

This document describes a HTTP authentication scheme using PPP Extensible Authentication Protocol (EAP). HTTP EAP authentication enables HTTP connections to be authenticated using any of the authentication schemes supported through EAP. EAP performs the authentication without sending the password in the clear text format (which is the biggest weakness of the Basic HTTP authentication scheme, for example). EAP is useful for HTTP protocol because it opens up several new authentication schemes without additional specification work. The same benefits can be reached by any other protocols, which apply HTTP authentication, such as Session Initiation Protocol (SIP).

Authors

Jari Arkko (jari.arkko@piuha.net)
Vesa Torvinen (vesa.torvinen@ericsson.fi)
Aki Niemi (aki.niemi@nokia.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)