[JDEV] 0k authentication + java
Iain Shigeoka
iainshigeoka at yahoo.com
Tue Nov 6 11:56:10 CST 2001
On 11/5/01 2:49 PM, "Chris Chen" <ckchris at idream.net> wrote:
> Yes, I finally got it figured out.. Apparently, the hashed string needs to
> be all lowercase.
Yes. All hashes are considered the lower case, hex, ascii representation.
Not the raw bytes of the actual hash. So you must produce the digest. Then
Convert it to its lower case, hex, ascii rep, then hash it again, etc. etc.
We just went over this in either the security or standards jig a week or so
ago but unfortunately, none of the docs have been updated with the
clarification.
Also, 0k reset is covered in an html doc, while the protocol (minus the fact
the update that it is the lowercase text that is hashed), is in the normal
protocol doc. Both should be merged into a final 0k doc. However, I think
things have been going slowly in this direction because everyone would
rather move forward to the new, Foundation, final standards rather than
spend time clarifying the old, existing docs....
Well, probably more info than you wanted to know.
-iain
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
More information about the JDev
mailing list