Digest access authentication is intended as a security trade-off.
2.
It is intended to replace unencrypted HTTP basic access authentication.
3.
Basic access authentication is used for identification, HTTPS is used when identification ( via certificates ) and encrypted messages are needed.
4.
RFC 2069 was later replaced by RFC 2617 ( " HTTP Authentication : Basic and Digest Access Authentication " ).
5.
Digest access authentication was originally specified by RFC 2069 ( " An Extension to HTTP : Digest Access Authentication " ).
6.
Digest access authentication was originally specified by RFC 2069 ( " An Extension to HTTP : Digest Access Authentication " ).
7.
OpenRasta also supports advanced HTTP features such as content negotiation, digest access authentication and full control of response codes sent back to a client.
8.
In contrast, basic access authentication uses the easily reversible Base64 encoding instead of encryption, making it non-secure unless used in conjunction with SSL.
9.
-Another advantage is the ease with which the authentication method may be integrated into terminals and service providers, as it is based on HTTP's well known " Digest access authentication ".
10.
"' Digest access authentication "'is one of the agreed-upon methods a web server can use to negotiate credentials, such as username or password, with a user's web browser.
