What's the meaning of 'challenge' in SASL

Asked Dec 04 '18 at 08:19

Active Dec 05 '18 at 02:53

Viewed 124 times

I'm reading the RFC 4422 document which detail described the SASL framework, but English is not my native language. I really can't understand what's the 'challenge' mean in SASL? The following content is extracted from the document: Where the mechanism specifies that the first data sent in the exchange is from the client to the server and this field is unavailable or unused, the client request is followed by an empty challenge.

  C: Request authentication exchange
  S: Empty Challenge
  C: Initial Response
  <additional challenge/response messages>
  S: Outcome of authentication exchange

'an empty challenge' is an empty request? or something else? Thanks for your help.

edited Dec 05 '18 at 02:53

asked Dec 04 '18 at 08:19

zluo

Challenge == "prove me you are who you are" – Samson Scharfrichter Dec 06 '18 at 09:15
A non-empty challenge could be "OK, user X has a public key, so prove me you have the private key by decrypting this..." i.e. a closed question. An empty challenge is more of an open question. – Samson Scharfrichter Dec 06 '18 at 09:18

What's the meaning of 'challenge' in SASL

0 Answers0