Digest Authentication and RTC
Other versions of this page are also available for the following:
.gif "A hyphen indicates that the information in this topic is not relevant for this platform, or that the platform does not support the API that is listed.")
.gif "A checkmark indicates that the information in this topic is relevant for this platform, and that any API listed is also supported on this platform.")
8/28/2008
Digest authentication is a challenge-response authentication method within the SIP protocol. It does not require credentials to be transmitted over the network in clear text. Instead, the client sends passwords in hashed form.
Initial authentication occurs when the server challenges the client. The client uses the challenge from the server to generate a password hash that it includes in the response to the server.
Because the password is hashed, Digest authentication has an advantage over Basic authentication. However, the hashed password can potentially be deciphered by network attackers, especially if the password is weak.