Skip to main content

Hypertext Transfer Protocol (HTTP) Digest Authentication Using Authentication and Key Agreement (AKA)

The information below is for an old version of the document that is already published as an RFC.
Document Type
This is an older version of an Internet-Draft that was ultimately published as RFC 3310.
Authors Vesa Torvinen , Jari Arkko , Aki Niemi
Last updated 2015-10-14 (Latest revision 2002-05-20)
RFC stream Internet Engineering Task Force (IETF)
Additional resources Mailing list discussion
Stream WG state (None)
Document shepherd (None)
IESG IESG state RFC 3310 (Informational)
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD Allison J. Mankin
IESG note
Send notices to <>
A new Request for Comments is now available in online RFC libraries.

        RFC 3310

        Title:      Hypertext Transfer Protocol (HTTP) Digest
                    Authentication Using Authentication and Key
                    Agreement (AKA) 
        Author(s):  A. Niemi, J. Arkko, V. Torvinen
        Status:     Informational
        Date:       September 2002
        Pages:      18
        Characters: 36985
        Updates/Obsoletes/SeeAlso:    None

        I-D Tag:    draft-ietf-sip-digest-aka-03.txt


This memo specifies an Authentication and Key Agreement (AKA) based
one-time password generation mechanism for Hypertext Transfer Protocol
(HTTP) Digest access authentication.  The HTTP Authentication
Framework includes two authentication schemes: Basic and Digest.  Both
schemes employ a shared secret based mechanism for access
authentication.  The AKA mechanism performs user authentication and
session key distribution in Universal Mobile Telecommunications System
(UMTS) networks.  AKA is a challenge-response based mechanism that
uses symmetric cryptography.

This document is a product of the Session Initiation Protocol Working
Group of the IETF.

This memo provides information for the Internet community.  It does
not specify an Internet standard of any kind.  Distribution of this
memo is unlimited.

This announcement is sent to the IETF list and the RFC-DIST list.
Requests to be added to or deleted from the IETF distribution list
should be sent to IETF-REQUEST@IETF.ORG.  Requests to be
added to or deleted from the RFC-DIST distribution list should

Details on obtaining RFCs via FTP or EMAIL may be obtained by sending
an EMAIL message to rfc-info@RFC-EDITOR.ORG with the message body 
help: ways_to_get_rfcs.  For example:

        To: rfc-info@RFC-EDITOR.ORG
        Subject: getting rfcs

        help: ways_to_get_rfcs

Requests for special distribution should be addressed to either the
author of the RFC in question, or to RFC-Manager@RFC-EDITOR.ORG.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.echo 
Submissions for Requests for Comments should be sent to
RFC-EDITOR@RFC-EDITOR.ORG.  Please consult RFC 2223, Instructions to RFC
Authors, for further information.