An Extension to HTTP : Digest Access Authentication, January 1997
- File formats:
- PROPOSED STANDARD
- Obsoleted by:
- RFC 2617
- J. Franks
- http (app)
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
The protocol referred to as "HTTP/1.0" includes the specification for a Basic Access Authentication scheme. This scheme is not considered to be a secure method of user authentication, as the user name and password are passed over the network as clear text. A specification for a different authentication scheme is needed to address this severe limitation. This document provides specification for such a scheme, referred to as "Digest Access Authentication". [STANDARDS-TRACK]
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.