RFC Errata
RFC 2617, "HTTP Authentication: Basic and Digest Access Authentication", June 1999
Note: This RFC has been obsoleted by RFC 7235, RFC 7615, RFC 7616, RFC 7617
Source of RFC: http (app)See Also: RFC 2617 w/ inline errata
Errata ID: 1431
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Stefan Santesson
Date Reported: 2008-05-29
Verifier Name: Alexey Melnikov
Date Verified: 2009-12-21
Section 3.2.2.1 says:
If the "qop" value is "auth" or "auth-int": request-digest = <"> < KD ( H(A1), unq(nonce-value) ":" nc-value ":" unq(cnonce-value) ":" unq(qop-value) ":" H(A2) ) <">
It should say:
If the "qop" value is "auth" or "auth-int": request-digest = <"> < KD ( H(A1), unq(nonce-value) ":" nc-value ":" unq(cnonce-value) ":" unq(qop-value) ":" H(A2) ) > <">
Notes:
The ">" bracket is missing in the final line, closing the "<" bracket of the first line in "< KD ( H(A1)"...