RFC 2660 (rfc2660) - Page 2 of 45


The Secure HyperText Transfer Protocol



Alternative Format: Original Text Document



RFC 2660         The Secure HyperText Transfer Protocol      August 1999


   2.6.1. Content-Privacy-Domain: CMS ...............................13
   2.6.2. Content-Privacy-Domain: MOSS ..............................14
   2.6.3. Permitted HTTP headers ....................................14
   2.6.3.2. Host ....................................................15
   2.6.3.3. Connection ..............................................15
   3. Cryptographic Parameters ......................................15
   3.1. Options Headers .............................................15
   3.2. Negotiation Options .........................................16
   3.2.1. Negotiation Overview ......................................16
   3.2.2. Negotiation Option Format .................................16
   3.2.3. Parametrization for Variable-length Key Ciphers ...........18
   3.2.4. Negotiation Syntax ........................................18
   3.3. Non-Negotiation Headers .....................................23
   3.3.1. Encryption-Identity .......................................23
   3.3.2. Certificate-Info ..........................................23
   3.3.3. Key-Assign ................................................24
   3.3.4. Nonces ....................................................25
   3.4. Grouping Headers With SHTTP-Cryptopts .......................26
   3.4.1. SHTTP-Cryptopts ...........................................26
   4. New Header Lines for HTTP .....................................26
   4.1. Security-Scheme .............................................26
   5. (Retriable) Server Status Error Reports .......................27
   5.1. Retry for Option (Re)Negotiation ............................27
   5.2. Specific Retry Behavior .....................................28
   5.3. Limitations On Automatic Retries ............................29
   6. Other Issues ..................................................30
   6.1. Compatibility of Servers with Old Clients ...................30
   6.2. URL Protocol Type ...........................................30
   6.3. Browser Presentation ........................................31
   7. Implementation Notes ..........................................32
   7.1. Preenhanced Data ............................................32
   7.2. Note:Proxy Interaction ......................................34
   7.2.1. Client-Proxy Authentication ...............................34
   8. Implementation Recommendations and Requirements ...............34
   9. Protocol Syntax Summary .......................................35
   10. An Extended Example ..........................................36
   Appendix: A Review of CMS ........................................40
   Bibliography and References ......................................41
   Security Considerations ..........................................43
   Authors' Addresses ...............................................44
   Full Copyright Statement..........................................45










Rescorla & Schiffman          Experimental