A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : HTTP Session Management
Author(s) : Phillip Hallam-Baker
Filename : draft-hallambaker-httpsession-01.txt
Pages : 20
Date : 2013-05-14
Abstract:
The HTTP Session Management Mechanism provides a mean of securely
establishing a persistent authentication session between a HTTP
client and server that does not rely on the presentation of a
confidential bearer token. The Session Management Mechanism is
intended to provide a replacement for the existing HTTP State
Management Mechanism (Cookies) for this purpose.
This document defines the HTTP Accept-Session, Set-Session and
Session headers and specifies their use to establish symmetric
authentication keys and their use to authenticate and verify specific
parts of an HTTP message. Other means by which keys used to
authenticate the messages are established are outside the scope of
this document.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-hallambaker-httpsession
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-hallambaker-httpsession-01
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-hallambaker-httpsession-01
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
