RE: rfc2617: response-auth calculation

> From: Joe Orton
> Subject: RE: rfc2617: response-auth calculation
> Ah, can auth-int be used for messages with no body (zero-length), e.g.
> GET requests? I presumed it couldn't, maybe this is the source of my
> confusion.

I'm not sure where you would have gotten that impression, but yes, a GET
request can use auth-int.  The hash of an empty message body is

> (I'm writing client code).

Feel free to test against ''; send feedback to me.
Scott Lawrence           Director of R & D        <>
Agranat Systems, Inc.  Embedded Web Technology

Received on Monday, 19 July 1999 09:21:50 UTC