C-HTTP-the development of a secure, closed HTTP-based network on the Internet

Abstract

We have designed "C-HTTP" which provides secure HTTP communication mechanisms within a closed group of institutions on the Internet, where each member is protected by its own firewall. C-HTTP-based communications are made possible by the following three components: a client-side proxy, a sewer-side proxy and a C-HTTP name server. A client-side proxy and server-side proxy communicate with each other using a secure, encrypted protocol while communications between a user agent and client-side proxy or an origin sewer and sewer-side proxy are performed using current HTTP/1.0. In a C-HTTP-based network, instead of DNS, a C-HTTP-based secure, encrypted name and certification service is used. The aim of C-HTTP is to assure institutional level security and is different in scope from other secure HTTP protocols currently proposed which are oriented toward secure end-to-end HTTP communications in which security protection is dependent on each end-user.