Internet-Draft HTTP Digest AKAv2

Authors

  • V. Torvinen
  • J. Arkko
Abstract

HTTP Digest is known to be vulnerable to man-in-the-middle attacks, even when run inside TLS, if the same passwords are used for authentication in some other context without TLS. This is a general problem that affects not just HTTP Digest but also other IETF protocols. However, for a class of strong algorithms the attack is avoidable. This document defines version 2 of the HTTP Digest AKA algorithm. Unlike previous versions of HTTP Digest such as MD5 or AKAv1, this algorithm is immune to the man-in-the-middle attack.

Similar resources

RFC 4169 HTTP Digest AKAv2 November 2005

HTTP Digest, as specified in RFC 2617, is known to be vulnerable to man-in-the-middle attacks if the client fails to authenticate the server in TLS, or if the same passwords are used for authentication in some other context without TLS. This is a general problem that exists not just with HTTP Digest, but also with other IETF protocols that use tunneled authentication. This document specifies ve...

Digest Authentication as a Sasl Mechanism September 1998 Network Working Group Status of This Memo This Is a Preliminary Draft of an Internet-draft. It Does Not Represent the Consensus of Any Working Group

This specification defines how HTTP Digest Authentication [Digest] can be used as a SASL [RFC 2222] mechanism for any protocol that has a SASL profile. It is intended both as an improvement over CRAM-MD5 [RFC2195] and as a convenient way to support a single authentication mechanism for web, mail, LDAP, and other protocols. Leach, Newman Standards Track [Page 1] Digest Authentication as a SASL M...

Digest Authentication as a Sasl Mechanism September 1998 Network Working Group This Is a Preliminary Draft of an Internet-draft. It Does Not Represent the Consensus of Any Working Group

This specification defines how HTTP Digest Authentication [Digest] can be used as a SASL [RFC 2222] mechanism for any protocol that has a SASL profile. It is intended both as an improvement over CRAM-MD5 [RFC2195] and as a convenient way to support a single authentication mechanism for web, mail, LDAP, and other protocols. Leach, Newman Standards Track [Page 1] Digest Authentication as a SASL M...

Internet Draft Expires 11/5/97 RSA Laboratories Status of this Memo

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." To learn the current status of any Internet-Draft, please check the "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow D...

Cryptographic Message Syntax

Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six month...

Publication date: 2003