access authentication
Click on the red underlined text to get to the source
... Access Authentication ...
... Access Authentication Framework ...
... HTTP protocol does not restrict applications to this simple
challenge-response mechanism for access authentication. Additional
mechanisms MAY be used, such as encryption at the transport ...
... Digest Access Authentication Scheme ...
... The protocol referred to as "HTTP/1.0" includes the specification for
a Basic Access Authentication scheme[1]. That scheme is not
considered to be a secure method ...
... This section provides the specification for a scheme that does not
send the password in cleartext, referred to as "Digest Access
Authentication".
...
...
The Digest Access Authentication scheme is not intended to be a
complete answer to the need for security in the World Wide Web ...
... encryption of message content. The intent is
simply to create an access authentication method that avoids the most
serious flaws of Basic authentication ...
...
Like Basic Access Authentication, the Digest scheme is based on a
simple challenge-response paradigm. The Digest scheme challenges
...
...
The Digest Access Authentication scheme is conceptually similar to
the Basic scheme. The formats of the modified WWW-Authenticate header ...
... As with the basic scheme, proxies must be completely transparent in
the Digest access authentication scheme. That is, they must forward
the WWW-Authenticate, Authentication ...
... Franks, J., Hallam-Baker, P., Hostetler, J., Leach, P., Luotonen, A., Sink, E. and L. Stewart, "An Extension to HTTP : Digest Access Authentication", RFC 2069(-> 2617draft), January 1997. ...