IPFS Authentication and Query Mechanisms?

Hi Folks, I’m wondering if there’s a spec somewhere that details the various authentication mechanisms available when accessing files stored in IPFS.

http:// is pretty well specified as a protocol spec.
ipfs:// and ipns:// are really URI specs - is there any serious documentation as to how they’re supposed to be resolved at the protocol level?

Specifically I’m interested in authentication & query handling:

When using an http:// request, or a ipfs:// or a ipns:// REST request, what authentication mechanisms are supported - in general, by Kubo, by specification?
user:password @ ?
x-API-Key ?
UCAN authentication (including a DID in a header field)

and what about http://extensions - like DAV, Delta-V, and query formats (open search? CQL?)

Thanks Much,

miles Fidelman