The Privacy Pass HTTP Authentication Scheme
RFC 9577, “The Privacy Pass HTTP Authentication Scheme”, is a Proposed Standard document published in June 2024 by T. Pauly, S. Valdez, C. A. Wood. The canonical text is published by the RFC Editor.
Abstract
This document defines an HTTP authentication scheme for Privacy Pass, a privacy-preserving authentication mechanism used for authorization. The authentication scheme specified in this document can be used by Clients to redeem Privacy Pass tokens with an Origin. It can also be used by Origins to challenge Clients to present Privacy Pass tokens.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 9577 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
- RFC 9576 The Privacy Pass Architecture
- RFC 9578 Privacy Pass Issuance Protocols
- RFC 9575 DRIP Entity Tag Authentication Formats and Protocols for Broadcast Remote Identification
- RFC 9579 Use of Password-Based Message Authentication Code 1 in PKCS #12 Syntax
- RFC 9574 Optimized Ingress Replication Solution for Ethernet VPNs
- RFC 9580 OpenPGP
- RFC 9573 MVPN/EVPN Tunnel Aggregation with Common Labels
- RFC 9581 Concise Binary Object Representation Tags for Time, Duration, and Period