erikdubbelboer
commented
1 year ago I had a quick look but nginx doesn't seem to come with any sha256 or sha512 implementation. Not sure which are best to use than without introducing extra dependencies.
Open bugeaud opened 1 year ago
erikdubbelboer
commented
1 year ago I had a quick look but nginx doesn't seem to come with any sha256 or sha512 implementation. Not sure which are best to use than without introducing extra dependencies.
This would be interresting to broaden the supported hash to ensure compatibility toward RFC 7616.
Doing so, it would help us to use a standard secure auth mecanism and avoid app specific mechanism that are non-standard and can lead to bad implementations and this bad overall security.