Hacker Newsnew | comments | show | ask | jobs | submitlogin
lhazlewood 451 days ago | link | parent

There are many types of digest authentication - OAuth1.0a and Amazon's and Stormpath's custom schemes are examples. Browser-specific digest authentication wasn't covered however since the article was about REST APIs and most REST clients are not browsers.


bct 451 days ago | link

I'm pretty sure he means RFC 2617 Digest authentication. There's nothing browser-specific about it.

-----

lhazlewood 451 days ago | link

I gathered as much. But in practice, how often do you see RFC 2617 Digest authc used in non-browser scenarios? (I'm genuinely curious. I haven't seen it used much at all outside of web browsers, so I'm curious what others may have come across).

-----

bct 451 days ago | link

I've written Atom Publishing Protocol servers that use it. It's not badly-suited for non-browser tasks (although yes, SSL and Basic is much simpler - if you don't mind paying for the certificate). It's unusual, but it's pretty unusual to use it (or Basic) for web browsers these days, too.

-----




Guidelines | FAQ | Lists | Bookmarklet | DMCA | News News | Bugs and Feature Requests | Y Combinator | Apply | Library | Contact

Search: