RFC 7616 has been officially made available for several years now but Spring Security still only supports RFC 2617 for digest auth.
Current Behavior The current digest auth in Spring Security uses MD5 for hashing purposes which is no longer considered secure
Context
All of our web services use digest auth and in order to ensure we continue to maintain up to date security standards in terms of crypto/hashing algorithm, we want to move to stronger hashing algorithm like SHA256
Comment From: sjohnr
Thanks for the suggestion @karansachdeva24 and welcome to the project!
I have added this to the 6.x milestone for now, but we will need to see if there is availability and interest to work on it.
Comment From: karansachdeva24
Thanks @sjohnr for considering the request. Looking forward to it.