Revision as of 13:39, 13 July 2024 edit Sadads (talk \| contribs) Administrators 147,555 edits →HTTP digest authentication considerations Tag: Visual edit ← Previous edit		Revision as of 08:47, 21 August 2024 edit undo Lauriro (talk \| contribs) 4 edits Specify, that DIGEST-MD5 in SASL is obsolete, not DIGEST as whole Next edit →
Line 3: '''Digest access authentication''' is one of the agreed-upon methods a [[web server]] can use to negotiate credentials, such as username or password, with a user's [[web browser]]. This can be used to confirm the identity of a user before sending sensitive information, such as online banking transaction history. It applies a [[hash function]] to the username and [[password]] before sending them over the network. In contrast, [[basic access authentication]] uses the easily reversible [[Base64]] encoding instead of hashing, making it non-secure unless used in conjunction with [[Transport Layer Security\|TLS]]. Technically, digest authentication is an application of ~~[[MD5]]~~ [[cryptographic hash]]ing with usage of [[cryptographic nonce\|nonce]] values to prevent [[replay attack]]s. It uses the [[Hypertext Transfer Protocol\|HTTP]] protocol. ~~This~~DIGEST-MD5 ~~standard~~as a [[Simple_Authentication_and_Security_Layer\|SASL]] mechanism specified by {{IETF RFC\|2831}} is obsolete since July 2011.<ref>[https://datatracker.ietf.org/doc/html/rfc6331 Moving DIGEST-MD5 to Historic, July 2011].</ref> == Overview ==

Digest access authentication: Difference between revisions