[standards-jig] The simplest DIGEST-MD5 implementation

Robert Norris rob at cataclysm.cx
Thu May 29 23:19:10 UTC 2003


I read through RFC2831 (the document that describes the DIGEST-MD5
mechanism) again last night. To implement the simplest possible form of
MD5 (no channel security, no integrity protection, no replay protection,
etc) is dead simple - and yes, it still requires Base64 and MD5, but I
don't beleive these are huge barriers for small devices - there are many
small and fast code examples all over the place.

If people think there is value, I'd be happy to document the minimum
that is necessary to implement for a client to authenticate successfully
with a SASL-aware Jabber server using DIGEST-MD5. My hope is that people
will be more willing to adopt it once they see that it doesn't have to
be hard.

Thoughts?

-- 
Robert Norris                                       GPG: 1024D/FC18E6C2
Email+Jabber: rob at cataclysm.cx                Web: http://cataclysm.cx/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/standards/attachments/20030530/4722aacb/attachment.sig>


More information about the Standards mailing list