TODO: HTTP Digest using SHA-256

author: Daniel Stenberg <daniel@haxx.se> 2017-02-22 14:16:45 +0100
committer: Daniel Stenberg <daniel@haxx.se> 2017-02-22 14:16:45 +0100
commit: f57eb1f8e35d0b56a4de6ea8c2db269bc28242ed (patch)
tree: 690d4918947cbeccc1de065ced22c921f03fb3f6
parent: b702a4d848b3da2a5b62bb341d1a087c2e899899 (diff)
download: curl-f57eb1f8e35d0b56a4de6ea8c2db269bc28242ed.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/docs/TODO b/docs/TODO
index 70714fd98..217c6f887 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -63,6 +63,7 @@
  5.1 Better persistency for HTTP 1.0
  5.2 support FF3 sqlite cookie files
  5.3 Rearrange request header order
+ 5.4 HTTP Digest using SHA-256
  5.5 auth= in URLs
  5.6 Refuse "downgrade" redirects
  5.7 Brotli compression
@@ -526,6 +527,15 @@ This is not detailed in any FTP specification.
  headers use a default value so only headers that need to be moved have to be
  specified.
 
+5.4 HTTP Digest using SHA-256
+
+ RFC 7616 introduces an update to the HTTP Digest authentication
+ specification, which amongst other thing defines how new digest algorithms
+ can be used instead of MD5 which is considered old and not recommanded.
+
+ See https://tools.ietf.org/html/rfc7616 and
+ https://github.com/curl/curl/issues/1018
+
 5.5 auth= in URLs
 
  Add the ability to specify the preferred authentication mechanism to use by
author	Daniel Stenberg <daniel@haxx.se>	2017-02-22 14:16:45 +0100
committer	Daniel Stenberg <daniel@haxx.se>	2017-02-22 14:16:45 +0100
commit	f57eb1f8e35d0b56a4de6ea8c2db269bc28242ed (patch)
tree	690d4918947cbeccc1de065ced22c921f03fb3f6
parent	b702a4d848b3da2a5b62bb341d1a087c2e899899 (diff)
download	curl-f57eb1f8e35d0b56a4de6ea8c2db269bc28242ed.tar.gz