The Digest Access Authentication scheme is not intended to be a
complete answer to the need for security in the World Wide Web. This
scheme provides no encryption of object content. The intent is simply
to create a weak access authentication method which avoids the most
serious flaws of Basic authentication.
It is proposed that this access authentication scheme be included in
the proposed HTTP/1.1 specification.
RFC 2069 Digest Access Authentication January 1997
1.2 Overall Operation
Like Basic Access Authentication, the Digest scheme is based on a
simple challenge-response paradigm. The Digest scheme challenges
using a nonce value. A valid response contains a checksum (by
default the MD5 checksum) of the username, the password, the given
nonce value, the HTTP method, and the requested URI. In this way,
the password is never sent in the clear. Just as with the Basic
scheme, the username and password must be prearranged in some fashion
which is not addressed by this document.
1.3 Representation of digest values
An optional header allows the server to specify the algorithm used to
create the checksum or digest. By default the MD5 algorithm is used
and that is the only algorithm described in this document.
For the purposes of this document, an MD5 digest of 128 bits is
represented as 32 ASCII printable characters. The bits in the 128
bit digest are converted from most significant to least significant
bit, four bits at a time to their ASCII presentation as follows.
Each four bits is represented by its familiar hexadecimal notation
from the characters 0123456789abcdef. That is, binary 0000 gets
represented by the character '0', 0001, by '1', and so on up to the
representation of 1111 as 'f'.
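As an added worked example (not part of RFC 2069's own text), the Python below computes the response value that section 1.2 describes in words and renders the 128-bit MD5 digest four bits at a time exactly as section 1.3 specifies. The precise combination it uses, H(A1) = H(username ":" realm ":" password), H(A2) = H(method ":" uri) and response = H(H(A1) ":" nonce ":" H(A2)), is the one RFC 2069 gives in its section 2.1.2, which is not reproduced on this page; it is the original form of the scheme, without the qop and cnonce fields that a later revision added. The realm, nonce, username, password and URI are constructed sample values, and the verifier that stores only H(A1) is my own illustration of what the server needs to keep, not something the RFC mandates.

```python
import hashlib
import hmac

HEX_DIGITS = "0123456789abcdef"


def digest_to_hex(digest: bytes) -> str:
    """Render a 128-bit digest as 32 ASCII characters the way RFC 2069 section 1.3
    describes: take the bits most-significant first, four at a time, and map each
    nibble onto 0123456789abcdef."""
    if len(digest) != 16:
        raise ValueError("an MD5 digest is exactly 16 octets (128 bits)")
    chars = []
    for octet in digest:
        chars.append(HEX_DIGITS[octet >> 4])     # high nibble: the more significant four bits
        chars.append(HEX_DIGITS[octet & 0x0F])   # low nibble
    return "".join(chars)


def h(data: str) -> str:
    """H(data): MD5 of the octets of the string, in the hex form above."""
    return digest_to_hex(hashlib.md5(data.encode("utf-8")).digest())


def ha1(username: str, realm: str, password: str) -> str:
    """H(A1) where A1 = username ":" realm ":" password.
    This is the only password-derived value the server needs, so a verifier can
    store it instead of the cleartext password (an illustration, not an RFC requirement)."""
    return h(f"{username}:{realm}:{password}")


def ha2(method: str, uri: str) -> str:
    """H(A2) where A2 = method ":" digest-uri; this is what ties the response to one request."""
    return h(f"{method}:{uri}")


def digest_response(username, realm, password, nonce, method, uri) -> str:
    """Client side: response = H( H(A1) ":" nonce ":" H(A2) ).  The password itself never
    leaves the client; only this 32-character value goes on the wire."""
    return h(f"{ha1(username, realm, password)}:{nonce}:{ha2(method, uri)}")


def verify_response(stored_ha1, nonce, method, uri, presented) -> bool:
    """Server side: recompute from the stored H(A1) and the request actually received,
    then compare in constant time."""
    expected = h(f"{stored_ha1}:{nonce}:{ha2(method, uri)}")
    return hmac.compare_digest(expected, presented)


# Constructed sample values (not from the RFC).
SAMPLE_REALM = "example-realm"
SAMPLE_NONCE = "5f3a9c0e1b7d4826a0c3e9f1b2d4c6a8"
SAMPLE_URI = "/dir/index.html"

if __name__ == "__main__":
    resp = digest_response("alice", SAMPLE_REALM, "correct horse", SAMPLE_NONCE, "GET", SAMPLE_URI)
    print("response =", resp)
    stored = ha1("alice", SAMPLE_REALM, "correct horse")
    print("GET accepted:", verify_response(stored, SAMPLE_NONCE, "GET", SAMPLE_URI, resp))
    print("same response presented for POST accepted:",
          verify_response(stored, SAMPLE_NONCE, "POST", SAMPLE_URI, resp))
```

Because the method and URI enter through H(A2), a response computed for one request does not verify for another, which the `__main__` block shows by checking the same value against a POST; the nonce is the server's only handle on freshness, so a verifier must also track which nonces it has issued and accepted, a step the scheme leaves to the implementation.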
1.4 Limitations
The digest authentication scheme described in this document suffers
from many known limitations. It is intended as a replacement for
basic authentication and nothing more. It is a password-based system
and (on the server side) suffers from all the same problems of any
password system. In particular, no provision is made in this
protocol for the initial secure arrangement between user and server
to establish the user's password.
Users and implementors should be aware that this protocol is not as
secure as Kerberos, and not as secure as any client-side private-key
scheme. Nevertheless it is better than nothing, better than what is
commonly used with telnet and ftp, and better than Basic
authentication.
2. Digest Access Authentication Scheme
2.1 Specification of Digest Headers
The Digest Access Authentication scheme is conceptually similar to
the Basic scheme. The formats of the modified WWW-Authenticate
header line and the Authorization header line are specified below,
using the extended BNF defined in the HTTP/1.1 specification, section
2.1. In addition, a new header, Authentication-info, is specified.
2.1.1 The WWW-Authenticate Response Header
If a server receives a request for an access-protected object, and an
acceptable Authorization header is not sent, the server responds with
a "401 Unauthorized" status code, and a WWW-Authenticate header,
which is defined as follows:
WWW-Authenticate = "WWW-Authenticate" ":" "Digest" digest-challenge
digest-challenge = 1#( realm | [ domain ] | nonce |
                       [ digest-opaque ] | [ stale ] | [ algorithm ] )
realm = "realm" "=" realm-value
realm-value = quoted-string
domain = "domain" "=" <"> 1#URI <">
nonce = "nonce" "=" nonce-value
nonce-value = quoted-string
opaque = "opaque" "=" quoted-string
stale = "stale" "=" ( "true" | "false" )
algorithm = "algorithm" "=" ( "MD5" | token )
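As an added example that is not part of the RFC, the following Python parses a WWW-Authenticate header value against the BNF above: each parameter is token "=" (token | quoted-string), realm and nonce are the only fields not marked optional, domain is a quoted `1#URI` list (comma-separated in this revision), stale is the literal "true" or "false", and algorithm defaults to MD5. The regular expressions are my own rendering of the grammar, the duplicate-parameter rejection is a defensive choice the RFC does not spell out, and the challenge strings in the `__main__` block are constructed samples.

```python
import re

# Lexical pieces of the RFC 2069 BNF (section 2.1.1): a challenge parameter is
# token "=" ( token | quoted-string ).  These regexes are my own rendering of it.
_TOKEN = r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+"
_QUOTED_STRING = r'"((?:[^"\\]|\\.)*)"'
_PARAM = re.compile(rf"\s*({_TOKEN})\s*=\s*(?:{_QUOTED_STRING}|({_TOKEN}))\s*(?:,|$)")

# Fields whose value the BNF restricts to quoted-string; a bare token here is malformed.
_MUST_BE_QUOTED = {"realm", "nonce", "opaque", "domain"}


def parse_digest_challenge(header_value: str) -> dict:
    """Parse the value of a WWW-Authenticate header carrying a Digest challenge.

    Returns a dict keyed by lower-cased parameter name.  'domain' becomes a list
    of URIs, 'stale' a bool, and 'algorithm' defaults to "MD5" as the RFC says.
    Raises ValueError for malformed input or a missing realm or nonce.
    """
    scheme, _, params = header_value.strip().partition(" ")
    if scheme.lower() != "digest":
        raise ValueError(f"expected a Digest challenge, got scheme {scheme!r}")

    fields = {}
    pos = 0
    while pos < len(params):
        if params[pos] in ", \t":           # the 1# list form permits empty elements
            pos += 1
            continue
        m = _PARAM.match(params, pos)
        if m is None:
            raise ValueError(f"malformed challenge parameter at offset {pos}")
        name = m.group(1).lower()
        if m.group(2) is not None:           # quoted-string: drop quotes, resolve \x quoted-pairs
            value = re.sub(r"\\(.)", r"\1", m.group(2))
        else:                                # bare token
            if name in _MUST_BE_QUOTED:
                raise ValueError(f"{name} must be a quoted-string")
            value = m.group(3)
        if name in fields:                   # defensive: the grammar lists each field once
            raise ValueError(f"duplicate parameter {name!r}")
        fields[name] = value
        pos = m.end()

    for required in ("realm", "nonce"):      # not marked optional in the BNF
        if required not in fields:
            raise ValueError(f"challenge is missing required parameter {required!r}")

    if "domain" in fields:                   # domain = <"> 1#URI <"> : comma-separated URIs
        fields["domain"] = [u.strip() for u in fields["domain"].split(",") if u.strip()]
    if "stale" in fields:                    # stale = "true" | "false"
        if fields["stale"] not in ("true", "false"):
            raise ValueError(f"stale must be true or false, got {fields['stale']!r}")
        fields["stale"] = fields["stale"] == "true"
    fields.setdefault("algorithm", "MD5")    # the default and the only algorithm described
    return fields


# Constructed sample challenge (values are not from the RFC).
SAMPLE_CHALLENGE = (
    'Digest realm="example-realm", nonce="0123456789abcdef0123456789abcdef", '
    'opaque="opq-1", domain="/protected, /admin/", stale=false, algorithm=MD5'
)

if __name__ == "__main__":
    print(parse_digest_challenge(SAMPLE_CHALLENGE))
    try:
        parse_digest_challenge('Digest realm="example-realm", stale=maybe')
    except ValueError as exc:
        print("rejected:", exc)
```

A client that receives an algorithm token other than MD5 has nothing in this document to compute with, so the caller should treat any other value in the returned `algorithm` field as unsupported rather than guessing.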