Jump to content

Talk:Challenge-Handshake Authentication Protocol

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by 210.84.31.104 (talk) at 12:46, 20 March 2007. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

I moved this page from CHAP, as it doesn't take much imagination to suppose that something else might have the same acronym. --KQ

Also, this page is linked to from Password Authentication Protocol and nowhere else. --KQ

This is wrong

Chap is also A man or boy; a fellow. (http://www.yourdictionary.com/ahd/c/c0243000.html) plus it has other meanings too

Secret information

From the description of the protocol, it would appear that no secret information such as passwords are needed! I would guess that this line:

"2. The peer responds with a value calculated using a one-way hash function, such as MD5."

should mention that the message sent by the server and the password are both inputs to the hash function in some way? --Birkett 09:18, 30 June 2006 (UTC)[reply]

I agree with Birkett, you should rephrase the sentence as "The peer responds with a value calculated using a one-way hash function based on the shared secret. [Makan]

Question : How is the shared secret shared in the first place ? ie how is CHAP installed on a new computer. At some stage the shared secret needs to pass through the public domain from server to client. Could how this happens be explained here ? MAR 2007 <MJ>

Retrieved from "https://en.wikipedia.org/w/index.php?title=Talk:Challenge-Handshake_Authentication_Protocol&oldid=116513793"