On Tue, 2005-01-18 at 11:34 -0600, Rohit Trehan wrote:
> Hi
>
> can anyone explain the significane of "nonce", "opaque" and "realm"
See RFC 2617 for the details, but briefly:
realm
Identifies the 'authentication domain'; think of it as where the
credentials are valid.
nonce (and cnonce)
A value chosen by one party that the other could not have
predicted. This ensures that the 'response' hash sent as an
authenticator cannot be precomputed or replayed.
opaque
Has no particular use - when the client receives it, it should
send it back. (It's not even very useful to the server, but the
protocol requires it so just do it).
--
Scott Lawrence
Consulting Engineer
Pingtel Corp.
http://www.pingtel.com/
+1.781.938.5306 x162
_______________________________________________
Sip-implementors mailing list
[email protected]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors
