HTTP Authentication: Basic and Digest Access Authentication

Franks, J.; Hallam-Baker, Phillip; Hostetler, John M.; Lawrence, Scott D.; Leach, Paul J.; Luotonen, A.; Stewart, Lawrence

doi:10.17487/rfc2617

Cited by 479 publications

(281 citation statements)

References 9 publications

Supporting

Mentioning

278

Contrasting

Unclassified

Order By: Relevance

“…The "WWW-Authenticate" header contains a challenge token used in the HTTP Digest authentication procedure (from RFC 2617 [1]). The usage of HTTP Digest authentication in MSRP is described in detail in Section 5.1.…”

Section: The Http Authentication "Www-authenticate" Headermentioning

confidence: 99%

“…The client can authenticate its first relay by looking at the relay's TLS certificate. The client MUST authenticate itself to each of its relays using HTTP Digest authentication [1] (see Section 9.1 for details).…”

Section: Connecting To Relays Acting On Your Behalfmentioning

confidence: 99%

“…In response to an AUTH request that does not contain an Authorization header, a relay MUST respond with a "401 Unauthorized" response containing a WWW-Authenticate header. The WWW-Authenticate header is formed as described in RFC 2617 [1], with the restrictions and modifications described in Section 9.1. The realm chosen by the MSRP relay in such a challenge is a matter of administrative policy.…”

Section: Connecting To Relays Acting On Your Behalfmentioning

confidence: 99%

“…The Authorization header is formed as described in RFC 2617 [1], with the restrictions and modifications described in Section 9.1.…”

Section: Connecting To Relays Acting On Your Behalfmentioning

confidence: 99%

“…The authentication mechanism described in this specification uses HTTP Digest authentication. HTTP Digest authentication is performed as described in RFC 2617 [1], with the following restrictions and modifications:…”

Section: Using Http Authenticationmentioning

confidence: 99%

See 4 more Smart Citations

Relay Extensions for the Message Sessions Relay Protocol (MSRP)

Jennings¹,

Mahy²,

Roach³

2007

View full text Add to dashboard Cite

Section: The Http Authentication "Www-authenticate" Headermentioning

confidence: 99%

Section: Connecting To Relays Acting On Your Behalfmentioning

confidence: 99%

Section: Connecting To Relays Acting On Your Behalfmentioning

confidence: 99%

“…The Authorization header is formed as described in RFC 2617 [1], with the restrictions and modifications described in Section 9.1.…”

Section: Connecting To Relays Acting On Your Behalfmentioning

confidence: 99%

Section: Using Http Authenticationmentioning

confidence: 99%

See 3 more Smart Citations

Relay Extensions for the Message Sessions Relay Protocol (MSRP)

Jennings¹,

Mahy²,

Roach³

2007

View full text Add to dashboard Cite

Session Initiation Protocol (SIP)

Schulzrinne

2003

Wiley Encyclopedia of Telecommunications

View full text Add to dashboard Cite

show abstract

Authentication

McDaniel

2004

The Internet Encyclopedia

View full text Add to dashboard Cite

Authentication is the process by which the identity of an entity is established. Authenticating entities present credentials, such as passwords or certificates, as evidence of their identity. The entity is deemed authentic where presented credentials are valid and sufficient. Note that authentication does not determine which entities should be given access; it only verifies that entities are who they claim to be. However, it is only after entities are authenticated that their rights to resources can be assessed (through authorization). Hence, failure to correctly authenticate users on the Internet can leave online resources vulnerable to misuse. This article considers the semantics, methods, and mechanisms for authentication on the Internet. The goals and principles of authentication are illustrated through several expository systems. The embodied trust, operation, and limitations of these systems are explored. This article is concluded with a number of axioms for the selection and use of authentication systems on the Internet.

show abstract

HTTP Authentication: Basic and Digest Access Authentication

Cited by 479 publications

References 9 publications

Relay Extensions for the Message Sessions Relay Protocol (MSRP)

Relay Extensions for the Message Sessions Relay Protocol (MSRP)

Session Initiation Protocol (SIP)

Authentication

Contact Info

Product

Resources

About