Talk:Challenge-Handshake Authentication Protocol

A "in popular culture" section can be added under which it can be mentioned how the Seraph character of The Matrix was actually a personification of CHAP

Computing: Security Stub‑class

This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing Stub This article has been rated as Stub-class on Wikipedia's content assessment scale. ??? This article has not yet received a rating on the project's importance scale. This article is supported by WikiProject Computer security (assessed as Mid-importance). Things you can help WikiProject Computer security with: edit history watch purge Article alerts are available, updated by AAlertBot. More information... Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

Chap is also A man or boy; a fellow. (http://www.yourdictionary.com/ahd/c/c0243000.html) plus it has other meanings too hi — Preceding unsigned comment added by 86.21.100.3 (talk) 16:48, 27 May 2013 (UTC)[reply]

From the description of the protocol, it would appear that no secret information such as passwords are needed! I would guess that this line:

"2. The peer responds with a value calculated using a one-way hash function, such as MD5."

should mention that the message sent by the server and the password are both inputs to the hash function in some way? --Birkett 09:18, 30 June 2006 (UTC)[reply]

I agree with Birkett, you should rephrase the sentence as "The peer responds with a value calculated using a one-way hash function based on the shared secret. [Makan]

I agree too. It is not clear otherwise why anyone else cannot compute an MD5 hash, if no shared secret is required. [Siddharth]

Question : How is the shared secret shared in the first place ? ie how is CHAP installed on a new computer. At some stage the shared secret needs to pass through the public domain from server to client. Could how this happens be explained here ? MAR 2007 <MJ>

CHAP is used in PPP, main usage of PPP is DSL with PPPoE. The "secret" is (in this case) usally transfered with a classical written letter. The server should receive your identity with the next update (or should poll a db/ldap/...) —Preceding unsigned comment added by 131.159.4.197 (talk) 14:06, 13 May 2008 (UTC)[reply]

A shared secret key is often called a "Pre-Shared Key" (PSK), in terms that both parts previously agree on a common secret, and share it off-band.Zekkerj (talk) 05:14, 24 July 2009 (UTC)[reply]

Please move to Challenge-Handshake Authentication Protocol.

{{Requested move/dated|Challenge-Handshake Authentication Protocol}}

Challenge-handshake authentication protocol → Challenge-Handshake Authentication Protocol – I moved this page from CHAP, as it doesn't take much imagination to suppose that something else might have the same acronym. --KQ 23:41, 25 May 2011 (UTC)[reply]

Also, this page is linked to from Password Authentication Protocol and nowhere else. --KQ

The capitalization change seems uncontroversial. I've asked for the redirect to be deleted so that the move can be made.--Kotniski (talk) 11:36, 2 June 2011 (UTC)[reply]