[thelist] digest authentication - current status?

SZ Beam sbeam at syxyz.net
Mon Dec 15 09:52:50 CST 2003


I was wondering what the current support-level for the HTTP Digest 
Authentication scheme is. I know this was broken in NN4 and IE4, last I 
looked, due to differing types of non-complicance with the RFC (surprise). 
Googling around gave me a bunch of out-of-date material on it. So does anyone 
use it? does IE6+ and Moz and Safari handle it properly (or gracefully fall 
back to Basic if not)? 

Been using cookie-based tokenized authentication for years, but a intranet app 
I am upgrading uses WebDAV for document management. So HTTP authentication 
allows single-login for viewing, uploading etc, against a managed DB of 
users/groups. Pretty slick.


More information about the thelist mailing list