|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: ISCSI: User authentication vs. Machine Authentication for iSCSIJust one clarification on John's response (which I agree with, by the way, as well as Charles and Mark's comments). John stated. >Note: Mark pointed out that this was the way Web servers worked. >3. Chap can be used in this environment since the Link is already secure >and encrypted, and sending the password in what otherwise would have been >in the clear, is protected by the link encryption. CHAP does not send passwords in the clear. It may send user identities in the clear, and it requires a shared secret to be stored in multiple locations, but the password is hashed using MD5 or other similar algorithm. MD5 may not be considered the tightest hash algorithm, but it produces stuff far from clear text. Paul
Home Last updated: Tue Sep 04 01:03:49 2001 6315 messages in chronological order |