2.1 Transport

The elements of the Digest Access Authentication: Microsoft Extensions messages are embedded directly in HTTP/1.1 messages [RFC2616] when digest authentication is used within HTTP, as specified in [RFC2617]. As a result, Digest Access Authentication: Microsoft Extensions uses the HTTP/1.1 transport, as specified in [RFC2616].<2>

As specified in [RFC2831], messages are carried via SASL [RFC2222] in SASL-aware protocols, such as LDAP.

An extension to add channel binding to the HTTP Digest Authentication protocol has been submitted as a draft standard to the IETF. The client and server SHOULD<3> support channel binding as specified in [DRAFT-DIGESTBIND].