[squid-dev] FYI: RFC 2617 ("HTTP Authentication: Basic and Digest Access Authentication") is obsolete
Amos Jeffries
squid3 at treenet.co.nz
Thu Oct 1 16:37:45 UTC 2015
For those interested. HTTP authentication Basic and Digest schemes have
been updated.
On 2/10/2015 2:18 a.m., Julian Reschke wrote:
> Hi there.
>
> RFC 2617 ("HTTP Authentication: Basic and Digest Access Authentication")
> has finally been obsoleted.
>
> It has been superseded by a document set consisting of:
>
> RFC 7235: Hypertext Transfer Protocol (HTTP/1.1): Authentication
> (defining the authentication framework, published last year),
>
> RFC 7615: HTTP Authentication-Info and Proxy-Authentication-Info
> Response Header Fields (defining just two optional header fields),
>
> RFC 7616: HTTP Digest Access Authentication, and
>
> RFC 7617: The 'Basic' HTTP Authentication Scheme.
>
> The two latter documents have been developed in the HTTPAUTH working group.
>
> Best regards, Julian
>
> PS1: We failed to make the document titles for Basic and Digest
> consistent. Sorry.
>
> PS2: RFC 7615 is of course a candidate for inclusion into RFC 7235bis.
>
More information about the squid-dev
mailing list