subject:"\[jdev\] What is the purpose of the rspauth\?"

Re: [jdev] What is the purpose of the rspauth?

2007-04-20 Thread Ralph Meijer

On Wed, 2007-04-18 at 10:22 +0800, LUKE wrote:
> [..]
> The decoded value for subsequent authentication is:
> rspauth=ea40f60335c427b5527b84dbabcdfffd

This can be used for so-called 'Subsequent Authentication'. See section
2.2 of RFC 2831.

-- 
Groetjes,

ralphm

Re: [jdev] What is the purpose of the rspauth?

2007-04-17 Thread Justin Karneges

On Tuesday 17 April 2007 7:22 pm, LUKE wrote:
> I know Step 1.2. is rfc-2831.And i can understand the calculation process.
>
> But  The step 3:  rspauth=ea40f60335c427b5527b84dbabcdfffd
>
> Where the value(ea40f60335c427b5527b84dbabcdfffd) come from?
> And what is the purpose of the rspauth. The XMPP document
> (http://www.xmpp.org/internet-drafts/draft-saintandre-rfc3920bis-01.html)
> does not have any example about rspauth.

As far as I know, rspauth is DIGEST-MD5's way for the server to authenticate 
itself to the client.  This extra step is commonly known as mutual 
authentication.  I don't know how this value is calculated or verified 
though.

This should be described in RFC 2831, read deeper. :)

-Justin

[jdev] What is the purpose of the rspauth?

2007-04-17 Thread LUKE


I know Step 1.2. is rfc-2831.And i can understand the calculation process.

But  The step 3:  rspauth=ea40f60335c427b5527b84dbabcdfffd

Where the value(ea40f60335c427b5527b84dbabcdfffd) come from?
And what is the purpose of the rspauth. The XMPP document
(http://www.xmpp.org/internet-drafts/draft-saintandre-rfc3920bis-01.html)
does not have any example about rspauth.

=

cmVhbG09ImV4YW1wbGUuY29tIixub25jZT0iT0E2TUc5dEVRR20yaGgiLHFvcD0i
YXV0aCIsY2hhcnNldD11dGYtOCxhbGdvcml0aG09bWQ1LXNlc3MK


The decoded challenge is:

realm="example.com",nonce="OA6MG9tEQGm2hh",
qop="auth",charset=utf-8,algorithm=md5-sess


dXNlcm5hbWU9Imp1bGlldCIscmVhbG09ImV4YW1wbGUuY29tIixub25jZT0iT0E2
TUc5dEVRR20yaGgiLGNub25jZT0iT0E2TUhYaDZWcVRyUmsiLG5jPTAwMDAwMDAx
LHFvcD1hdXRoLGRpZ2VzdC11cmk9InhtcHAvZXhhbXBsZS5jb20iLHJlc3BvbnNl
PWQzODhkYWQ5MGQ0YmJkNzYwYTE1MjMyMWYyMTQzYWY3LGNoYXJzZXQ9dXRmLTgK


The decoded response is:
username="juliet",realm="example.com",
nonce="OA6MG9tEQGm2hh",cnonce="OA6MHXh6VqTrRk",
nc=0001,qop=auth,digest-uri="xmpp/example.com",
response=d388dad90d4bbd760a152321f2143af7,charset=utf-8
=

cnNwYXV0aD1lYTQwZjYwMzM1YzQyN2I1NTI3Yjg0ZGJhYmNkZmZmZAo=


The decoded value for subsequent authentication is:
rspauth=ea40f60335c427b5527b84dbabcdfffd
=

Re: [jdev] What is the purpose of the rspauth?

Re: [jdev] What is the purpose of the rspauth?

[jdev] What is the purpose of the rspauth?

3 matches

Site Navigation

Mail list logo

Footer information