RFC 2069
An Extension to HTTP : Digest Access Authentication, January 1997
- File formats:
- Status:
- PROPOSED STANDARD
- Obsoleted by:
- RFC 2617
- Authors:
- J. Franks
P. Hallam-Baker
J. Hostetler
P. Leach
A. Luotonen
E. Sink
L. Stewart - Stream:
- IETF
- Source:
- http (app)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC2069
Discuss this RFC: Send questions or comments to the mailing list iesg@ietf.org
Other actions: View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 2069
Abstract
The protocol referred to as "HTTP/1.0" includes the specification for a Basic Access Authentication scheme. This scheme is not considered to be a secure method of user authentication, as the user name and password are passed over the network as clear text. A specification for a different authentication scheme is needed to address this severe limitation. This document provides specification for such a scheme, referred to as "Digest Access Authentication". [STANDARDS-TRACK]
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.