RFC 2660 The Secure HyperText Transfer Protocol August 1999 2.6.1. Content-Privacy-Domain: CMS ...............................13 2.6.2. Content-Privacy-Domain: MOSS ..............................14 2.6.3. Permitted HTTP headers ....................................14 2.6.3.2. Host ....................................................15 2.6.3.3. Connection ..............................................15 3. Cryptographic Parameters ......................................15 3.1. Options Headers .............................................15 3.2. Negotiation Options .........................................16 3.2.1. Negotiation Overview ......................................16 3.2.2. Negotiation Option Format .................................16 3.2.3. Parametrization for Variable-length Key Ciphers ...........18 3.2.4. Negotiation Syntax ........................................18 3.3. Non-Negotiation Headers .....................................23 3.3.1. Encryption-Identity .......................................23 3.3.2. Certificate-Info ..........................................23 3.3.3. Key-Assign ................................................24 3.3.4. Nonces ....................................................25 3.4. Grouping Headers With SHTTP-Cryptopts .......................26 3.4.1. SHTTP-Cryptopts ...........................................26 4. New Header Lines for HTTP .....................................26 4.1. Security-Scheme .............................................26 5. (Retriable) Server Status Error Reports .......................27 5.1. Retry for Option (Re)Negotiation ............................27 5.2. Specific Retry Behavior .....................................28 5.3. Limitations On Automatic Retries ............................29 6. Other Issues ..................................................30 6.1. Compatibility of Servers with Old Clients ...................30 6.2. URL Protocol Type ...........................................30 6.3. Browser Presentation ........................................31 7. Implementation Notes ..........................................32 7.1. Preenhanced Data ............................................32 7.2. Note:Proxy Interaction ......................................34 7.2.1. Client-Proxy Authentication ...............................34 8. Implementation Recommendations and Requirements ...............34 9. Protocol Syntax Summary .......................................35 10. An Extended Example ..........................................36 Appendix: A Review of CMS ........................................40 Bibliography and References ......................................41 Security Considerations ..........................................43 Authors' Addresses ...............................................44 Full Copyright Statement..........................................45 Rescorla & Schiffman Experimental