>From the spec:
   CHAP secrets MUST be an integral number of bytes (octets). A
   compliant implementation SHOULD NOT continue with the login step in
   which it should send a CHAP response (CHAP_R, Section 11.1.4
   Challenge Handshake Authentication Protocol (CHAP)) unless it can
   verify that the CHAP secret is at least 96 bits, or that IPsec
   encryption is being used to protect the connection.

The spec suggests that a chap secret be at least 96bits or (12
characters) but I see that only the AUTH_STR_MAX_LEN of 256 characters
is used for error checking.

Am I reading this correctly ?

-Shyam Iyer


You received this message because you are subscribed to the Google Groups 
"open-iscsi" group.
To post to this group, send email to open-is...@googlegroups.com.
To unsubscribe from this group, send email to 
For more options, visit this group at 

Reply via email to