{"draft":"draft-ietf-httpauth-hoba-10","doc_id":"RFC7486","title":"HTTP Origin-Bound Authentication (HOBA)","authors":["S. Farrell","P. Hoffman","M. Thomas"],"format":["ASCII","HTML"],"page_count":"28","pub_status":"EXPERIMENTAL","status":"EXPERIMENTAL","source":"Hypertext Transfer Protocol Authentication","abstract":"HTTP Origin-Bound Authentication (HOBA) is a digital-signature-based\r\ndesign for an HTTP authentication method.  The design can also be\r\nused in JavaScript-based authentication embedded in HTML.  HOBA is an\r\nalternative to HTTP authentication schemes that require passwords and\r\ntherefore avoids all problems related to passwords, such as leakage\r\nof server-side password databases.","pub_date":"March 2015","keywords":["Network Working Group","http authentication","origin-bound key"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC7486","errata_url":null}