RFC 2069

An Extension to HTTP : Digest Access Authentication, January 1997

File formats:
icon for text file icon for PDF icon for HTML icon for inline errata
Obsoleted by:
RFC 2617
J. Franks
P. Hallam-Baker
J. Hostetler
P. Leach
A. Luotonen
E. Sink
L. Stewart
http (app)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC2069

Discuss this RFC: Send questions or comments to the mailing list iesg@ietf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 2069


The protocol referred to as "HTTP/1.0" includes the specification for a Basic Access Authentication scheme. This scheme is not considered to be a secure method of user authentication, as the user name and password are passed over the network as clear text. A specification for a different authentication scheme is needed to address this severe limitation. This document provides specification for such a scheme, referred to as "Digest Access Authentication". [STANDARDS-TRACK]

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Advanced Search