Arno Garrels wrote: > Paul Read wrote: >> THanks for that information I therefore tweaked >> 'AuthDigestParseChallenge' so that Info.Qop is set to 'auth' if no >> Qop value is given and now the right MD5 is calculated and the server >> accepts the data. > > I'd say this is a server-side bug.
Though it might be a ICS bug in the RFC 2069 implementation as well, but I have no idea where. Digest calculation is simple in RFC 2069 and the same calculation is also used as one part of the RFC 2617 calc. > It obviously understands a RFC 2617 > digest however sends an obsolete RFC 2069 WWW-Authenticate response > header. Well, that seems OK as long as the server supports both RFC 2069 and RFC 2617 clients. > If I'm not totally misreading this sentence: > "qop-options > This directive is optional, but is made so only for backward > compatibility with RFC 2069 [6];" > > it means that if the qop directive is missing we have to assume RFC > 2069 which calculates the digest differently. If not, ICS clients won't be able to authenticate with true old RFC 2069 servers...? -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be