RFC 2660: The Secure HyperText Transfer Protocol
RFC-Ref

The Secure HyperText Transfer Protocol


1. Introduction
1.1. Summary of Features
1.2. Changes
1.3. Processing Model
1.3.1. Message Preparation
1.3.2. Message Recovery
1.4. Modes of Operation
1.4.1. Signature
1.4.2. Key Exchange and Encryption
1.4.3. Message Integrity and Sender Authentication
1.4.4. Freshness
1.5. Implementation Options
2. Message Format
2.1. Notational Conventions
2.2. Request Line
2.3. The Status Line
2.4. Secure HTTP Header Lines
2.4.1. Content-Privacy-Domain
2.4.2. Content-Type for CMS
2.4.3. Content-Type for MOSS
2.4.4. Prearranged-Key-Info
2.4.5. MAC-Info
2.5. Content
2.6. Encapsulation Format Options
2.6.1. Content-Privacy-Domain: CMS
2.6.1.1. Signature
2.6.1.2. Encryption
2.6.1.2.1. Encryption -- normal, public key
2.6.1.2.2. Encryption -- prearranged key
2.6.2. Content-Privacy-Domain: MOSS
2.6.3. Permitted HTTP headers
2.6.3.1. Overview
2.6.3.2. Host
2.6.3.3. Connection
3. Cryptographic Parameters
3.1. Options Headers
3.2. Negotiation Options
3.2.1. Negotiation Overview
3.2.2. Negotiation Option Format
3.2.3. Parametrization for Variable-length Key Ciphers
3.2.4. Negotiation Syntax
3.2.4.1. SHTTP-Privacy-Domains
3.2.4.2. SHTTP-Certificate-Types
3.2.4.3. SHTTP-Key-Exchange-Algorithms
3.2.4.4. SHTTP-Signature-Algorithms
3.2.4.5. SHTTP-Message-Digest-Algorithms
3.2.4.6. SHTTP-Symmetric-Content-Algorithms
3.2.4.7. SHTTP-Symmetric-Header-Algorithms
3.2.4.8. SHTTP-MAC-Algorithms
3.2.4.9. SHTTP-Privacy-Enhancements
3.2.4.10. Your-Key-Pattern
3.2.4.10.1. Cover Key Patterns
3.2.4.10.2. Auth key patterns
3.2.4.10.3. Signing Key Pattern
3.2.4.11. Example
3.2.4.12. Defaults
3.3. Non-Negotiation Headers
3.3.1. Encryption-Identity
3.3.1.1. DN-1779 Name Class
3.3.2. Certificate-Info
3.3.3. Key-Assign
3.3.3.1. Inband Key Assignment
3.3.4. Nonces
3.3.4.1. Nonce
3.4. Grouping Headers With SHTTP-Cryptopts
3.4.1. SHTTP-Cryptopts
4. New Header Lines for HTTP
4.1. Security-Scheme
4.1.1. Nonce-Echo
5. (Retriable) Server Status Error Reports
5.1. Retry for Option (Re)Negotiation
5.2. Specific Retry Behavior
5.2.1. Unauthorized 401, PaymentRequired 402
5.2.2. SecurityRetry
5.2.2.1. SecurityRetries for S-HTTP Requests
5.2.2.2. SecurityRetries for HTTP Requests
5.2.3. BogusHeader
5.2.4. SHTTP Proxy Authentication Required
5.2.5. SHTTP Not Modified
5.2.6. Redirection 3XX
5.3. Limitations On Automatic Retries
5.3.1. Automatic Encryption Retry
5.3.2. Automatic Signature Retry
5.3.3. Automatic MAC Authentication Retry
6. Other Issues
6.1. Compatibility of Servers with Old Clients
6.2. URL Protocol Type
6.3. Browser Presentation
6.3.1. Transaction Security Status
6.3.2. Failure Reporting
6.3.3. Certificate Management
6.3.4. Anchor Dereference
7. Implementation Notes
7.1. Preenhanced Data
7.1.1. Motivation
7.1.2. Presigned Requests/Responses
7.1.3. Presigned Documents
7.1.4. Recursive Encapsulation
7.1.5. Preencrypted Messages
7.2. Proxy Interaction
7.2.1. Client-Proxy Authentication
8. Implementation Recommendations and Requirements
9. Protocol Syntax Summary
9.1. S-HTTP (Unencapsulated) Headers
9.2. HTTP (Encapsulated) Non-negotiation Options
9.3. Encapsulated Negotiation Options
9.4. HTTP Methods
9.5. Server Status Reports
10. An Extended Example
10.1. A request using RSA key exchange with Inband key reply
10.2. A request using the auth enhancement
11. Appendix: A Review of CMS
12. Appendix: Internet Media Type message/s-http
13. Bibliography and References
14. Security Considerations
15. Authors' Addresses
16. Full Copyright Statement
17. Acknowledgement
