[standards-jig] Refreshing the Thread: EDigest

Casey Crabb crabbkw at nafai.dyndns.org
Wed May 28 01:57:34 UTC 2003

On Tue, May 27, 2003 at 07:40:48PM -0600, Dave Smith wrote:
> Amendment to my previous email -- Tijl, I agree completely now. Let's
> use the random numbers as you originally suggested. So edigest becomes:
> edigest == SHA(stream id + SHA(random id + password))

Just to be extra clear; This random id is passed to the client upon
requesting authentication methods the server supports, correct? I
don't want to user to have to remember this random number in order to
login from a different client(which would have no previous knowledge
of said random number).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/standards/attachments/20030527/3355744b/attachment.sig>

More information about the Standards mailing list