RADIUS attribute from rfc5090
This attribute is used to allow the generation of an
Authentication-Info header, even if the HTTP-style response's
body is required for the calculation of the rspauth value. It
SHOULD be used in Access-Accept packets if the required quality
of protection (qop) is 'auth-int'.
This attribute MUST NOT be sent if the qop parameter was not
specified or has a value of 'auth' (in this case, use Digest-
The Digest-HA1 Attribute MUST only be sent by the RADIUS server
or processed by the RADIUS client if at least one of the
following conditions is true:
+ The Digest-Algorithm Attribute's value is 'MD5-sess' or
+ IPsec is configured to protect traffic between the RADIUS
client and RADIUS server with IPsec (see).
This attribute MUST only be used in Access-Accept packets.Type
121 for Digest-HA1
This attribute contains the hexadecimal representation of H(A1)
as described in , Sections,, and.