HTTP Authentication: Basic and Digest Access Authentication

Authors: J. Franks, P. Hallam-Baker, A. Luotonen, S. Lawrence, J. Hostetler

Keywords: Authentication protocol; Generic Bootstrapping Architecture; Lightweight Extensible Authentication Protocol; Digest access authentication; Challenge–response authentication; Computer security; Computer science; Data Authentication Algorithm; Multi-factor authentication; Chip Authentication Program

Abstract: "HTTP/1.0", includes the specification for a Basic Access Authentication scheme. This scheme is not considered to be a secure method of user authentication (unless used in conjunction with some external system such as SSL [5]), as the user name and password are passed over the network as cleartext.

References (10)
M. Wahl, R. Morgan, J. Hodges, H. Alvestrand, Authentication Methods for LDAP. RFC, vol. 2829, pp. 1-16 (2000)
N. Freed, N. Borenstein, Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies. RFC, vol. 2045, pp. 1-31 (1996)
T. Dierks, C. Allen, The TLS Protocol Version 1.0. IETF RFC 2246, vol. 2246, pp. 1-80 (1999)
H. Frystyk, L. Masinter, J. Mogul, J. Gettys, R. Fielding, P. Leach, T. Berners-Lee, Hypertext Transfer Protocol -- HTTP/1.1. ACM Conference on Hypertext, vol. 2068, pp. 1-162 (1997)
E. Sink, J. Franks, P. Hallam-Baker, A. Luotonen, J. Hostetler, L. Stewart, P. Leach, An Extension to HTTP: Digest Access Authentication. RFC, vol. 2069, pp. 1-18 (1997)
P. Krumviede, R. Catoe, J. Klensin, IMAP/POP AUTHorize Extension for Simple Challenge/Response. RFC, vol. 2095, pp. 1-5 (1997)
L. Masinter, R. Fielding, T. Berners-Lee, Uniform Resource Identifiers (URI): Generic Syntax. RFC, vol. 2396, pp. 1-40 (1998)
H. Frystyk, R. Fielding, T. Berners-Lee, Hypertext Transfer Protocol -- HTTP/1.0. ACM Conference on Hypertext, vol. 1945, pp. 1-60 (1996)
T. Dierks, The TLS protocol. Request for Comments (RFC) 2246 (1999)
Rivest, The MD5 Message-Digest Algorithm. RFC 1321 (1992)