Browse Prior Art Database

The Secure HyperText Transfer Protocol (RFC2660)

IP.com Disclosure Number: IPCOM000003250D
Original Publication Date: 1999-Aug-01
Included in the Prior Art Database: 2019-Feb-11
Document File: 45 page(s) / 62K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

E. Rescorla: AUTHOR [+1]

Related Documents

10.17487/RFC2660: DOI

Abstract

This memo describes a syntax for securing messages sent using the Hypertext Transfer Protocol (HTTP), which forms the basis for the World Wide Web. This memo defines an Experimental Protocol for the Internet community.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 4% of the total text.

Network Working Group E. Rescorla Request for Comments: 2660 RTFM, Inc. Category: Experimental A. Schiffman Terisa Systems, Inc. August 1999

The Secure HyperText Transfer Protocol

Status of this Memo

This memo defines an Experimental Protocol for the Internet community. It does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1999). All Rights Reserved.

Abstract

This memo describes a syntax for securing messages sent using the Hypertext Transfer Protocol (HTTP), which forms the basis for the World Wide Web. Secure HTTP (S-HTTP) provides independently applicable security services for transaction confidentiality, authenticity/integrity and non-repudiability of origin.

The protocol emphasizes maximum flexibility in choice of key management mechanisms, security policies and cryptographic algorithms by supporting option negotiation between parties for each transaction.

Table of Contents

1. Introduction .................................................. 3 1.1. Summary of Features ......................................... 3 1.2. Changes ..................................................... 4 1.3. Processing Model ............................................ 5 1.4. Modes of Operation .......................................... 6 1.5. Implementation Options ...................................... 7 2. Message Format ................................................ 7 2.1. Notational Conventions ...................................... 8 2.2. The Request Line ............................................ 8 2.3. The Status Line ............................................. 8 2.4. Secure HTTP Header Lines .................................... 8 2.5. Content .....................................................12 2.6. Encapsulation Format Options ................................13

Rescorla & Schiffman Experimental [Page 1]

RFC 2660 The Secure HyperText Transfer Protocol August 1999

2.6.1. Content-Privacy-Domain: CMS ...............................13 2.6.2. Content-Privacy-Domain: MOSS ..............................14 2.6.3. Permitted HTTP headers ....................................14 2.6.3.2. Host ....................................................15 2.6.3.3. Connection ..............................................15 3. Cryptographic Parameters ......................................15 3.1. Options Headers .............................................15 3.2. Negotiation Options .........................................16 3.2.1. Negotiation Overview ......................................16 3.2.2. Negotiation Option Format .................................16 3.2.3. Parametrization for Variable-length Key Ciphers ...........18 3.2.4. Negotiation Syntax ........................................18 3.3. Non-Negotiation Headers .....................................23 3.3.1. Encryption-Identity ................................

Processing...
Loading...