Talk:Challenge-Handshake Authentication Protocol
![]() | Computing Unassessed | |||||||||
|
This is wrong
Chap is also A man or boy; a fellow. (http://www.yourdictionary.com/ahd/c/c0243000.html) plus it has other meanings too hi
Secret information
From the description of the protocol, it would appear that no secret information such as passwords are needed! I would guess that this line:
"2. The peer responds with a value calculated using a one-way hash function, such as MD5."
should mention that the message sent by the server and the password are both inputs to the hash function in some way? --Birkett 09:18, 30 June 2006 (UTC)
I agree with Birkett, you should rephrase the sentence as "The peer responds with a value calculated using a one-way hash function based on the shared secret. [Makan]
I agree too. It is not clear otherwise why anyone else cannot compute an MD5 hash, if no shared secret is required. [Siddharth]
Question : How is the shared secret shared in the first place ? ie how is CHAP installed on a new computer. At some stage the shared secret needs to pass through the public domain from server to client. Could how this happens be explained here ? MAR 2007 <MJ>
- CHAP is used in PPP, main usage of PPP is DSL with PPPoE. The "secret" is (in this case) usally transfered with a classical written letter. The server should receive your identity with the next update (or should poll a db/ldap/...) —Preceding unsigned comment added by 131.159.4.197 (talk) 14:06, 13 May 2008 (UTC)
- A shared secret key is often called a "Pre-Shared Key" (PSK), in terms that both parts previously agree on a common secret, and share it off-band.Zekkerj (talk) 05:14, 24 July 2009 (UTC)
Move
Please move to Challenge-Handshake Authentication Protocol.
Requested move
{{Requested move/dated|Challenge-Handshake Authentication Protocol}}
Challenge-handshake authentication protocol → Challenge-Handshake Authentication Protocol – I moved this page from CHAP, as it doesn't take much imagination to suppose that something else might have the same acronym. --KQ 23:41, 25 May 2011 (UTC)
Also, this page is linked to from Password Authentication Protocol and nowhere else. --KQ
- The capitalization change seems uncontroversial. I've asked for the redirect to be deleted so that the move can be made.--Kotniski (talk) 11:36, 2 June 2011 (UTC)