RFC 7616, "HTTP Digest Access Authentication", September 2015Source of RFC: httpauth (sec)
Errata ID: 5801
Status: Held for Document Update
Publication Format(s) : TEXT
Reported By: Franck MOURRE
Date Reported: 2019-08-06
Held for Document Update by: Benjamin Kaduk
Date Held: 2019-08-08
Section 3.7 says:
This specification defines the following algorithms: o SHA2-256 (mandatory to implement) o SHA2-512/256 (as a backup algorithm) o MD5 (for backward compatibility).
It should say:
This specification defines the following algorithms: o SHA-256 (mandatory to implement) o SHA-512/256 (as a backup algorithm) o MD5 (for backward compatibility).
The SHA-2 family of algorithms are conventionally referred to using just "SHA-" and the bit strength, not "SHA2-" and the bit strength.