Glossary (WinHTTP)

authentication data

Scheme-specific block of data that is exchanged between the server and client during authentication. To prove its identity, the client encrypts some or all of this data with a user name and password. The client sends the encrypted data to the server, which decrypts the data and compares it to the original. If the decrypted data matches the original data, the client is authenticated.

base64 encoding

Scheme used to transmit binary data. Base64 processes data as 24-bit groups, mapping this data to four encoded characters. It is sometimes referred to as 3-to-4 encoding. Each 6 bits of the 24-bit group is used as an index into a mapping table (the base64 alphabet) to obtain a character for the encoded data. The encoded data has line lengths limited to 76 characters.

certificate store

Typically, permanent storage where certificates, certificate revocation lists (CRL), and certificate trust lists (CTL) are stored. A certificate store can also be temporary when working with session-based certificates.


Ability for a Microsoft Passport participant site to provide its own branding elements and explanations on the Passport network service pages. Cobranding includes customizing the look and feel, specific text, and specific behavior on Passport network pages.

code page

Table that relates the binary character codes used by a program to keys on the keyboard or to the appearance of characters on the monitor. Using code pages is a way to provide support for character sets and keyboard layouts used in different countries and regions. You can configure devices such as the monitor and the keyboard to use a specific code page and to switch from one code page (such as United States) to another (such as Portugal) at the user's request.

HTTP verb

The HTTP verb (or HTTP method) is an instruction sent in a request message that notifies an HTTP server of the action to perform on the specified resource. For example, "GET" specifies that a resource is being retrieved from the server. Common verbs include "GET", "POST", and "HEAD". For more information and a complete list of standard HTTP verbs, see the HTTP/1.1 specification.


Cookie that contains a user profile for Passport authentication. Each ticket corresponds to one URL. The logon server of a Passport Domain Authority provides tickets that the client sends to a Passport member for authentication.

user agent

The user agent is the client application that requests a document from an HTTP server. When the client sends a request to an HTTP server, typically it sends the name of the user agent with the request header so that the server can determine the capabilities of the client software.