Hi Prashant. I think in the challenge request, the first byte is the challenge length (usually 16) followed by the challenge itself, and then followed by some server name. I guess the reasoning is that this allows the client to choose the correct password based on the server name.
Yoav ________________________________ From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On Behalf Of Prashant Batra (prbatra) Sent: 24 October 2011 18:11 To: ipsec@ietf.org Subject: [IPsec] eap-md5 based authentication Hello, I am facing some problem in calculating md5-challenge response. What I am doing is simply MD5(Identifier | <secret> | <Challenge value received in the challenge request>). The challenge response is somehow wrong. Is it correct to say that Challenge value used as input to md5 is the same value what is in the EAP payload (type md5-challenge request)? Regards, Prashant
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec