Re: Digest auth and Range and qop=auth-int
John Franks (john@math.nwu.edu)
Thu, 16 Apr 1998 10:17:37 -0500 (CDT)
On Wed, 15 Apr 1998, Dave Kristol wrote:
> Just want to do a reality check. Suppose we have
>
> 1) C<-S
> HTTP/1.1 401 Unauthorized
> WWW-Authenticate: Digest ... qop="auth,auth-int", ...
>
> 2) C->S
> GET / HTTP/1.1
> Host: foo
> Range: bytes=0-1,2-3
> Authorization: Digest ... qop=auth-int, ...,
> response="d1837789f989729e19578e86cadbd06e", ...
>
> 3) C<-S
> HTTP/1.1 206 Partial Content
> Date: Wed, 15 Apr 1998 15:26:04 GMT
> Server: DMKHTD/1.06c
> Content-type: multipart/byteranges; boundary=xyzzy
> Last-modified: Wed, 27 Nov 1996 22:36:24 GMT
> Etag: "1e7d0a-6ac-329cc268"
> Authentication-Info: ... rspauth=<stuff>, ...
>
> --xyzzy
> Content-type: text/html
> Content-range: bytes 0-1/1708
>
> <H
> --xyzzy
> Content-type: text/html
> Content-range: bytes 2-3/1708
>
> TM
> --xyzzy--
>
> Now, response-digest computes
> A2 = Status-Code ":" digest-uri-value ":" H(entity-body)
>
> I assume that entity-body in this context comprises all the stuff that
> gets returned as a response, including multipart boundaries and
> embedded headers in each part.
>
> Sounds like fun to implement.
>
I think that one way to do this would be to chunk the entire
multipart/byteranges response and calculate the MD5 digest while
chunking. The Authentication-Info header could then be put in
a trailer of the chunking.
Is there any reason not to chunk a multipart/byterange? Is doing
so consistent with the spec?
John Franks
john@math.nwu.edu