Hi Prashant.

I think in the challenge request, the first byte is the challenge length 
(usually 16) followed by the challenge itself, and then followed by some server 
name. I guess the reasoning is that this allows the client to choose the 
correct password based on the server name.

Yoav

________________________________
From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On Behalf Of 
Prashant Batra (prbatra)
Sent: 24 October 2011 18:11
To: ipsec@ietf.org
Subject: [IPsec] eap-md5 based authentication

Hello,

I am facing some problem in calculating md5-challenge response.
What I am doing is simply MD5(Identifier | <secret> | <Challenge value received 
in the challenge request>).
The challenge response is somehow wrong.

Is it correct to say that Challenge value used as input to md5 is the same 
value what is in the EAP payload (type md5-challenge request)?

Regards,
Prashant

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

Reply via email to