It looks like I’m not the only person who likes the idea of signed HTTP requests as an authentication method.
Several web service providers have invented their own schemes for signing HTTP requests, but to date, none have been placed in the public domain as a standard. This document serves that purpose. There are no techniques in this proposal that are novel beyond previous art, however, this aims to be a simple mechanism for signing these requests.
Signed HTTP requests are also a key feature of something I’ve been working on. It’s great to see the idea pick up momentum.