Talk:Challenge-handshake authentication protocol

From Wikipedia, the free encyclopedia

You have new messages (last change).

I moved this page from CHAP, as it doesn't take much imagination to suppose that something else might have the same acronym. --KQ

Also, this page is linked to from Password Authentication Protocol and nowhere else. --KQ

[edit] This is wrong

Chap is also A man or boy; a fellow. (http://www.yourdictionary.com/ahd/c/c0243000.html) plus it has other meanings too

[edit] Secret information

From the description of the protocol, it would appear that no secret information such as passwords are needed! I would guess that this line:

"2. The peer responds with a value calculated using a one-way hash function, such as MD5."

should mention that the message sent by the server and the password are both inputs to the hash function in some way? --Birkett 09:18, 30 June 2006 (UTC)

I agree with Birkett, you should rephrase the sentence as "The peer responds with a value calculated using a one-way hash function based on the shared secret. [Makan]

Question : How is the shared secret shared in the first place ? ie how is CHAP installed on a new computer. At some stage the shared secret needs to pass through the public domain from server to client. Could how this happens be explained here ? MAR 2007 <MJ>

Retrieved from "http://en.wikipedia.org../../../c/h/a/Talk%7EChallenge-handshake_authentication_protocol_f413.html"