On Tuesday 17 April 2007 7:22 pm, LUKE wrote: > I know Step 1.2. is rfc-2831.And i can understand the calculation process. > > But The step 3: rspauth=ea40f60335c427b5527b84dbabcdfffd > > Where the value(ea40f60335c427b5527b84dbabcdfffd) come from? > And what is the purpose of the rspauth. The XMPP document > (http://www.xmpp.org/internet-drafts/draft-saintandre-rfc3920bis-01.html) > does not have any example about rspauth.
As far as I know, rspauth is DIGEST-MD5's way for the server to authenticate itself to the client. This extra step is commonly known as mutual authentication. I don't know how this value is calculated or verified though. This should be described in RFC 2831, read deeper. :) -Justin
