Quality of Protection
The quality of protection, identified by the qop directive, is first specified by the server in the Digest challenge, and then confirmed by the client in the challenge response. If the client requires a quality of protection that the server does not support, the client must terminate the authentication.
The possible values for the qop directive are described in the following table.
|"auth-int"||Authentication and integrity checking using signatures.|
|(SASL only) "auth-conf"||Authentication, integrity and confidentiality checking by using signatures and encryption. For more information, see Ciphers.|
Quality of protection is determined by context requirement flags passed to the Microsoft Digest SSP. The following table lists the flags related to quality of protection, and the resulting value of the qop directive.
|XXX_REQ_CONFIDENTIALITY||"auth-conf" (SASL only)|
For additional server-related information, see Generating the Digest Challenge.
For additional client-related information, see Generating the Digest Challenge Response.