RFC 2084 (rfc2084) - Page 1 of 6
Considerations for Web Transaction Security
Alternative Format: Original Text Document
Network Working Group G. Bossert
Request for Comments: 2084 S. Cooper
Category: Informational Silicon Graphics Inc.
W. Drummond
IEEE, Inc.
January 1997
Considerations for Web Transaction Security
Status of this Memo
This memo provides information for the Internet community. This memo
does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.
Abstract
This document specifies the requirements for the provision of
security services to the HyperText Transport Protocol. These
services include confidentiality, integrity, user authentication, and
authentication of servers/services, including proxied or gatewayed
services. Such services may be provided as extensions to HTTP, or as
an encapsulating security protocol. Secondary requirements include
ease of integration and support of multiple mechanisms for providing
these services.
1. Introduction
The use of the HyperText Transport Protocol [1] to provide
specialized or commercial services and personal or private data
necessitates the development of secure versions that include privacy
and authentication services. Such services may be provided as
extensions to HTTP, or as encapsulating security protocols; for the
purposes of this document, all such enhancements will be referred to
as WTS.
In this document, we specify the requirements for WTS, with the
intent of codifying perceived Internet-wide needs, along with
existing practice, in a way that aids in the evaluation and
development of such protocols.
Bossert, et. al. Informational