Digest Auth

GPTKB entity

Statements (38)
Predicate Object
gptkbp:instanceOf crypt
gptkbp:alternativeTo gptkb:OAuth
Basic Auth
Mutual TLS
Bearer Token Auth
gptkbp:category Web security
Authentication
HTTP protocol extension
gptkbp:definedIn gptkb:RFC_2617
gptkb:RFC_7616
gptkbp:developedBy gptkb:IETF
gptkbp:fullName gptkb:HTTP_Digest_Access_Authentication
https://www.w3.org/2000/01/rdf-schema#label Digest Auth
gptkbp:notRecommendedFor high-security applications
gptkbp:provides protection against replay attacks
protection against man-in-the-middle attacks
gptkbp:replacedBy Basic Auth
gptkbp:status legacy
gptkbp:supportedBy gptkb:Microsoft_IIS
gptkb:NGINX
gptkb:Apache_HTTP_Server
most web browsers
gptkbp:usedIn gptkb:HTTP
gptkbp:uses gptkb:King
gptkb:URI
nickname
password
HTTP method
MD5 hashing
nonce value
response hash
qop (quality of protection)
client nonce (cnonce)
server nonce
gptkbp:vulnerableTo brute force attacks
man-in-the-middle if not used with HTTPS
gptkbp:bfsParent gptkb:GeoServer
gptkbp:bfsLayer 6