[JDEV] 0K Authentication

Chris Chen ckchris at idream.net
Thu Oct 11 23:48:20 CDT 2001


I finally got it working!  You know what the problem was?  Apparently the 
algorithm was fine, but your answer took out one issue that I didn't have 
to worry about...  However, it triggered another issue that I never thought 

Hashing lowercase hex is all good.. But also I have to return the final 
hash result in lowercase back to the server... Apparently, the server will 
not lowercase it first before starting to apply the hash..

I lowercased the final hash and sent it back to the server and it accepted it!

So just curious, should the server side at least implement a function such 
that the returned hash should be case insensitive rather than case 
sensitive?  (And probably mention this in the JEP too)... I think the 
server should accomodate this and lowercase the authentication hash 
received from the client before hashing..

What do you think?

Thanks for all the help.

At 08:57 PM 10/11/2001, you wrote:
>The results used from all of the SHA1 hashes is the lower case hex 
>string.  I'll be sure this is mentioned when I combine the zero-k auth and 
>reg drafts into a JEP.
>jdev mailing list
>jdev at jabber.org

PGP at ldap://certserver.pgp.com/

More information about the JDev mailing list