1 Introduction

The Public Key Authentication Protocol (PKAP) provides a method for HTTP clients to prove possession of a private key to a web server without having to rely on client Transport Layer Security (TLS) support [RFC4346] from the underlying platform.

Sections 1.5, 1.8, 1.9, 2, and 3 of this specification are normative. All other sections and examples in this specification are informative.