draft-josefsson-password-auth-00.txt
Nicolas Williams
Nicolas.Williams at sun.com
Thu Mar 29 17:21:29 CEST 2007
On Thu, Mar 29, 2007 at 04:28:30PM +0200, Martin Rex wrote:
> Most challenge-response protocols perform a unidirectional
> authentication of the client/initiator to the server/acceptor only,
> and for those the authentication scheme usually does not have
> a name for the acceptor.
Understood. Perhaps then what I should have said is that when mutual
authentication is requested then the password should be salted with the
acceptor name.
More information about the Password-auth
mailing list