Re: still more Digest Authentication comments

>>The case problem (is it 789ABCDEF or 789abcdef?) is important because
>>digests of A1 and A2 themselves get digested in <digest>.  Clearly a
>>digest of 789ABCDEF is different from a digest of 789abcdef.

>I agree with Dave on this.  It makes a difference, and it's easier to just
>be explicit.

Hang on a second. WHERE is this thought to occur?

If a Digest is being digested then it is the digest value that is digested. Not
the digest converted to base 16, 64 or any other form.

This is essential since otherwise it introduces unnecessary transformations
when gating HTTP-NG.


The Digest is the 128 bits of information. The hexadecimal is nothing other than 
a means of transporting the digest. If this is unclear in the spec it should be 
made so.

Specifying use of upper or lowercase should be irrelevant.


		Phill.

Received on Wednesday, 22 March 1995 08:06:17 UTC