RE: rfc2617: response-auth calculation from Scott Lawrence on 1999-07-19 (ietf-http-wg@w3.org from July to September 1999)

From: Scott Lawrence <lawrence@agranat.com>
Date: Mon, 19 Jul 1999 12:15:01 -0400
To: Joe Orton <joe@orton.demon.co.uk>
Cc: http-wg@hplb.hpl.hp.com
Message-ID: <005c01bed201$da3291a0$954768c0@oyster.agranat.com>

> From: Joe Orton
> Subject: RE: rfc2617: response-auth calculation
>
> Ah, can auth-int be used for messages with no body (zero-length), e.g.
> GET requests? I presumed it couldn't, maybe this is the source of my
> confusion.

I'm not sure where you would have gotten that impression, but yes, a GET
request can use auth-int.  The hash of an empty message body is
'd41d8cd98f00b204e9800998ecf8427e'.

> (I'm writing client code).

Feel free to test against 'digest-test.agranat.com'; send feedback to me.
--
Scott Lawrence           Director of R & D        <lawrence@agranat.com>
Agranat Systems, Inc.  Embedded Web Technology   http://www.agranat.com/

Received on Monday, 19 July 1999 09:21:50 UTC