Sebastian Paul Avarvarei wrote:

>Hello David,
>
>Thank you for your reply. However, like any good answer, it raises more questions :)
>
>I'm a little bit at a loss here - still a newbie in these areas. I'm not sure what's the
>difference between <digest> and <hash>/zero-k auth. If you could give me a pointer to
>some docs on the subject, I would appreciate it. What's the method for computing the
>digest? Isn't it like the "openssl sha1" command?
>

They are very similar. The main difference is that the zero-knowledge auth is a key which gets modified each time you authenticate, such that the server does not actually know what your password is. With digest-based auth, the server must store a copy of the plaintext password.

digest = hex(SHA1(session_id + password))

Where SHA1 is the standard sha algorithm returning binary data, and hex() encodes this as lowercase hexadecimal characters. This should be the output of the "openssl sha1" command.

Zero-knowledge auth is described at http://docs.jabber.org/draft-proto/html/zerok.html; it is not standard and probably never will be with the push for SASL.

-David Waite
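
The digest formula above and the server-side check it implies, as an added example that is not part of the original message. The `DigestServer` class, user name, password and session IDs are constructed for illustration; the example also shows that a digest is bound to its session ID and that a trailing newline in the hashed input (as `echo` adds when piping to "openssl sha1") produces a different digest.

```python
import hashlib
import hmac


def jabber_digest(session_id: str, password: str) -> str:
    """hex(SHA1(session_id + password)) as lowercase hex, per the message above."""
    return hashlib.sha1((session_id + password).encode("utf-8")).hexdigest()


class DigestServer:
    """Hypothetical server side: it needs each plaintext password to verify."""

    def __init__(self, passwords):
        self._passwords = dict(passwords)  # user -> plaintext password

    def verify(self, user: str, session_id: str, digest: str) -> bool:
        password = self._passwords.get(user)
        if password is None:
            return False
        expected = jabber_digest(session_id, password)
        # Constant-time comparison of the two hex strings.
        return hmac.compare_digest(expected.encode(), digest.encode())


def demo() -> dict:
    # Constructed sample values, not taken from the thread.
    user, password, sid = "alice", "example-password", "session-1234"
    server = DigestServer({user: password})
    good = jabber_digest(sid, password)
    # What `echo "$sid$password" | openssl sha1` would hash: a trailing newline.
    with_newline = hashlib.sha1((sid + password + "\n").encode()).hexdigest()
    return {
        "accepted": server.verify(user, sid, good),
        "replayed_other_session": server.verify(user, "session-5678", good),
        "echo_newline": server.verify(user, sid, with_newline),
    }


if __name__ == "__main__":
    print(demo())
```

Feeding the input with `printf '%s'` instead of `echo` avoids the extra newline when checking a digest from the shell.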
