Talk:Challenge-Handshake Authentication Protocol

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

This is wrong[edit]

Chap is also A man or boy; a fellow. ( plus it has other meanings too hi — Preceding unsigned comment added by (talk) 16:48, 27 May 2013 (UTC)Reply[reply]

Secret information[edit]

From the description of the protocol, it would appear that no secret information such as passwords are needed! I would guess that this line:

"2. The peer responds with a value calculated using a one-way hash function, such as MD5."

should mention that the message sent by the server and the password are both inputs to the hash function in some way? --Birkett 09:18, 30 June 2006 (UTC)Reply[reply]

I agree with Birkett, you should rephrase the sentence as "The peer responds with a value calculated using a one-way hash function based on the shared secret. [Makan]

I agree too. It is not clear otherwise why anyone else cannot compute an MD5 hash, if no shared secret is required. [Siddharth]

Question : How is the shared secret shared in the first place ? ie how is CHAP installed on a new computer. At some stage the shared secret needs to pass through the public domain from server to client. Could how this happens be explained here ? MAR 2007 <MJ>

CHAP is used in PPP, main usage of PPP is DSL with PPPoE. The "secret" is (in this case) usally transfered with a classical written letter. The server should receive your identity with the next update (or should poll a db/ldap/...) —Preceding unsigned comment added by (talk) 14:06, 13 May 2008 (UTC)Reply[reply]
A shared secret key is often called a "Pre-Shared Key" (PSK), in terms that both parts previously agree on a common secret, and share it off-band.Zekkerj (talk) 05:14, 24 July 2009 (UTC)Reply[reply]


Please move to Challenge-Handshake Authentication Protocol.

Requested move[edit]

{{Requested move/dated|Challenge-Handshake Authentication Protocol}}

Challenge-handshake authentication protocolChallenge-Handshake Authentication Protocol – I moved this page from CHAP, as it doesn't take much imagination to suppose that something else might have the same acronym. --KQ 23:41, 25 May 2011 (UTC)Reply[reply]

Also, this page is linked to from Password Authentication Protocol and nowhere else. --KQ

The capitalization change seems uncontroversial. I've asked for the redirect to be deleted so that the move can be made.--Kotniski (talk) 11:36, 2 June 2011 (UTC)Reply[reply]

External links modified[edit]

Hello fellow Wikipedians,

I have just modified one external link on Challenge-Handshake Authentication Protocol. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).

  • If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
  • If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 06:20, 27 July 2017 (UTC)Reply[reply]