Citation |
Hypertext Transfer Protocol (HTTP) Digest Authentication Using Authentication and Key Agreement (AKA) Version-2, Internet RFC 4169, November 2005.
, |
|||
---|---|---|---|---|
Descriptions |
Abstract:
HTTP Digest, as specified in RFC 2617, is known to be vulnerable to man-in-the-middle attacks if the client fails to authenticate the server in TLS, or if the same passwords are used for authentication in some other context without TLS. This is a general problem that exists not just with HTTP Digest, but also with other IETF protocols that use tunneled authentication. This document specifies version 2 of the HTTP Digest AKA algorithm (RFC 3310). This algorithm can be implemented in a way that it is resistant to the man-in-the-middle attack. This memo provides information for the Internet community. Annotation:
Keywords: AKA (Authentication and Key Agreement); Digest Access Authentication0.8; |
|||
Associations |
|
|||
Resources | ||||
Bibliography Navigation: Reference List; Author Index; Title Index; Keyword Index
Generated by sharef2html
on 2011-04-15, 02:00:41.