[JDEV] 0K Authentication
Chris Chen
ckchris at idream.net
Thu Oct 11 23:48:20 CDT 2001
Ah!
I finally got it working! You know what the problem was? Apparently the
algorithm was fine, but your answer took out one issue that I didn't have
to worry about... However, it triggered another issue that I never thought
about...
Hashing lowercase hex is all good.. But also I have to return the final
hash result in lowercase back to the server... Apparently, the server will
not lowercase it first before starting to apply the hash..
I lowercased the final hash and sent it back to the server and it accepted it!
So just curious, should the server side at least implement a function such
that the returned hash should be case insensitive rather than case
sensitive? (And probably mention this in the JEP too)... I think the
server should accomodate this and lowercase the authentication hash
received from the client before hashing..
What do you think?
Thanks for all the help.
Chris
At 08:57 PM 10/11/2001, you wrote:
>The results used from all of the SHA1 hashes is the lower case hex
>string. I'll be sure this is mentioned when I combine the zero-k auth and
>reg drafts into a JEP.
>
>Jer
>_______________________________________________
>jdev mailing list
>jdev at jabber.org
>http://mailman.jabber.org/listinfo/jdev
PGP at ldap://certserver.pgp.com/
More information about the JDev
mailing list