We have designed "C-HTTP" which provides secure HTTP communication
mechanisms within a closed group of institutions on the Internet, where
each member is protected by its own firewall.  C-HTTP-based
communications are made possible by the following three components:  a
client-side proxy, a server-side proxy and a C-HTTP name server.  A
client-side proxy and server-side proxy communicate with each other
using a secure, encrypted protocol while communications between a user
agent and client-side proxy or an origin server and server-side proxy
are performed using current HTTP/1.0.  In a C-HTTP-based network,
instead of DNS, a C-HTTP-based secure, encrypted name and certification
service is used.  The aim of C-HTTP is to assure institutional level
security and is different in scope from other secure HTTP protocols
currently proposed which are oriented toward secure end-to-end HTTP
communications in which security protection is dependent on each
end-user.