| Digest Authentication Interoperability Test
|
EmWeb is a novel
approach to providing a World Wide Web interface for applications as
diverse as network management, server process management, and remote
instrumentation. A highly portable HTTP server core is combined with
development tools to help you quickly deploy a sophisticated interface
that is smoothly integrated with your device or application.
Digest Access Authentication is a new standard (RFC 2617)for
authentication in the World Wide Web. While it is not as strong as some
other possible authentication schemes, it is:
- A major improvement over the HTTP 1.0 Basic scheme, SNMP Version 1,
telnet, or ftp, all of which pass the user identity and password over
the network in a way that can be recorded by an attacker and replayed
later to masquerade as the legitimate user.
- Much less expensive in memory and CPU than stronger encryption based
mechanisms.
- Unencumbered by patents (all stronger systems use patented
cryptographic mechanisms for which licenses must be purchased).
The EmWeb server supports Digest Access Authentication using the only
digest algorithm currently defined: the RSA Data
Security, Inc. MD5 Message-Digest Algorithm.
Scott Lawrence <lawrence@agranat.com>
Last modified: 1999-06-22 07:19:16