Unless I missed something we nicely issue a nonce during digest auth (based on r->request_time) - but when the reply comes in with an (Proxy-)Authenticate header we use the nonce provided by the client; and do not check if it was anywhere near reasonably likely that we issued it.
So I guess
-> The release notes and the digest docs should probably contain a warning that we are not hardened against certain replay attacks.
-> Long term we probably want to solve this; e.g. by using a hash over a static secret or something.
I distinctly remember discussing this at the time - guess I didn't have the energy to fix it then :-)
Cheers,
Ben.
-- http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
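The "hash over a static secret" idea from the mail, worked through as an added example (this is illustration code, not Apache's mod_auth_digest and not the author's patch). The assumptions are mine: the server keeps a random secret from startup, the nonce is base64(timestamp || HMAC-SHA256(secret, timestamp || realm)) truncated to 16 tag bytes, the lifetime is a hypothetical 300 seconds, and the credentials dict, user table and timestamps below are constructed for the demo. The two verify functions put the behaviour the mail complains about (trusting whatever nonce the client sent) next to the hardened variant that first asks "did we issue this, and recently?".

```python
import base64
import hashlib
import hmac
import struct
import time

# Hypothetical settings for this example; no claim is made about Apache's values.
NONCE_LIFETIME = 300   # seconds a nonce stays acceptable
MAC_LEN = 16           # truncated HMAC-SHA256 tag carried in the nonce
CLOCK_SKEW = 5         # tolerated seconds "from the future"


def issue_nonce(secret, realm, now=None):
    """nonce = base64(timestamp || HMAC(secret, timestamp || realm)).
    Stateless: the server can later recognise its own nonce without storing it."""
    now = int(time.time()) if now is None else int(now)
    ts = struct.pack(">Q", now)
    tag = hmac.new(secret, ts + realm.encode(), hashlib.sha256).digest()[:MAC_LEN]
    return base64.b64encode(ts + tag).decode("ascii")


def check_nonce(secret, realm, nonce, now=None, lifetime=NONCE_LIFETIME):
    """Return "ok", or a short reason why the client-supplied nonce is rejected."""
    try:
        raw = base64.b64decode(nonce, validate=True)
    except ValueError:              # binascii.Error is a ValueError subclass
        return "malformed"
    if len(raw) != 8 + MAC_LEN:
        return "malformed"
    ts, tag = raw[:8], raw[8:]
    expected = hmac.new(secret, ts + realm.encode(), hashlib.sha256).digest()[:MAC_LEN]
    if not hmac.compare_digest(tag, expected):
        return "not ours"           # never issued by this server for this realm
    issued = struct.unpack(">Q", ts)[0]
    now = int(time.time()) if now is None else int(now)
    if issued > now + CLOCK_SKEW:
        return "future"
    if now - issued > lifetime:
        return "stale"
    return "ok"


def _h(s):
    return hashlib.md5(s.encode()).hexdigest()


def digest_response(user, realm, password, method, uri, nonce, nc, cnonce, qop="auth"):
    """RFC 2617 response for qop=auth: MD5(HA1 : nonce : nc : cnonce : qop : HA2)."""
    ha1 = _h(f"{user}:{realm}:{password}")
    ha2 = _h(f"{method}:{uri}")
    return _h(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def verify_trusting_client_nonce(creds, passwords, method, uri):
    """The behaviour the mail describes: recompute the digest over whatever
    nonce the client sent, without asking whether the server ever issued it."""
    expected = digest_response(creds["username"], creds["realm"],
                               passwords[creds["username"]], method, uri,
                               creds["nonce"], creds["nc"], creds["cnonce"])
    return hmac.compare_digest(expected, creds["response"])


def verify_with_nonce_check(secret, creds, passwords, method, uri, now=None):
    """Hardened variant: the nonce must be one we issued and still within its
    lifetime before the digest is even looked at."""
    if check_nonce(secret, creds["realm"], creds["nonce"], now) != "ok":
        return False
    return verify_trusting_client_nonce(creds, passwords, method, uri)


if __name__ == "__main__":
    secret = b"\x00" * 32              # constructed; use os.urandom(32) at server start
    passwords = {"alice": "s3cret"}    # constructed user table
    realm, method, uri = "example", "GET", "/private"
    # t=1000: challenge issued; t=1010: the genuine client answers it
    nonce = issue_nonce(secret, realm, now=1000)
    creds = {"username": "alice", "realm": realm, "nonce": nonce,
             "nc": "00000001", "cnonce": "0a4f113b",
             "response": digest_response("alice", realm, "s3cret", method, uri,
                                         nonce, "00000001", "0a4f113b")}
    print("fresh, checked   :", verify_with_nonce_check(secret, creds, passwords, method, uri, now=1010))
    # The same Authorization header captured on the wire and replayed an hour later
    print("replay, unchecked:", verify_trusting_client_nonce(creds, passwords, method, uri))
    print("replay, checked  :", verify_with_nonce_check(secret, creds, passwords, method, uri, now=4600))
```

The MAC is what lets the server answer "did I issue this?" without keeping per-nonce state, and the embedded timestamp bounds how long a captured Authorization header stays useful. It does not stop a replay inside the lifetime window; closing that needs the server to also remember the last nonce-count (nc) seen per nonce and insist it increases, which is per-nonce state again.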
