[standards-jig] Refreshing the Thread: EDigest

Dave Smith dizzyd at jabber.org
Wed May 28 02:02:00 UTC 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Tuesday, May 27, 2003, at 19:57 America/Denver, Casey Crabb wrote:

> On Tue, May 27, 2003 at 07:40:48PM -0600, Dave Smith wrote:
>> Amendment to my previous email -- Tijl, I agree completely now. Let's
>> use the random numbers as you originally suggested. So edigest 
>> becomes:
>>
>> edigest == SHA(stream id + SHA(random id + password))
>
> Just to be extra clear; This random id is passed to the client upon
> requesting authentication methods the server supports, correct? I

Correct. The server tracks the random ID.

Diz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (Darwin)

iD8DBQE+1BiYYNE3chVHHsMRAr8VAKDylKbX1DlsgclM5VjWOGEiaJPpigCgzYV+
YQXrUsOH531VJbNrMZ6uhgA=
=FOMV
-----END PGP SIGNATURE-----




More information about the Standards mailing list