Content deleted Content added
Reverted 1 edit by 174.18.56.239 (talk): Off-topic link target |
→Overview: Mention limitations from browsers |
||
Line 56:
The above shows that when qop is not specified, the simpler RFC 2069 standard is followed.
In September 2015, RFC 7616 replaced RFC 2617 by adding 4 new algorithms: "SHA-256", "SHA-256-sess", "SHA-512" and "SHA-512-sess". The encoding is equivalent to "MD5" and "MD5-sess" algorithms, with [[MD5|MD5 hashing function]] replaced with [[SHA-256]] and [[SHA-512]]. However, as of July 2021, none of popular browsers, including Firefox<ref>{{cite web |title=Bug 472823: SHA 256 Digest Authentication |url=https://bugzilla.mozilla.org/show_bug.cgi?id=472823 |website=Mozilla Bugzilla}}</ref> and Chrome<ref>{{cite web |title= Issue 1160478: SHA-256 for HTTP Digest Access Authentication in accordance with rfc7616 |url=https://bugs.chromium.org/p/chromium/issues/detail?id=1160478 |website=Chromium bugs}}</ref>, support SHA-256 as the hash function.
== Impact of MD5 security on digest authentication ==
| |||