Re: Nonce count, digest authentication.

> The problem is that the client sometimes skips a 'nc' value.  For
> example, the server and client nonce count matches say to the value
> 00000016, but then the next value from the client is 00000018?

Squid implements digest authentication, although I don't know
how many sites really use it.  You might find it helpful to
read through the relevant code.

Squid has an option (nonce_strictness) to allow or reject gaps in
nonce counts.

Duane W.

Received on Monday, 30 June 2003 13:09:13 UTC