RFC 2944 (rfc2944) - Page 2 of 7
Telnet Authentication: SRP
Alternative Format: Original Text Document
RFC 2944 Telnet Authentication: SRP September 2000
2. Command Meanings
IAC SB AUTHENTICATION IS AUTH IAC SE
This command indicates that the client has supplied the
username and is ready to receive that user's field parameters.
There is no authentication information to be sent to the remote
side of the connection yet. This should only be sent after the
IAC SB AUTHENTICATION NAME command has been issued. If the
modifier byte (second byte of the authentication-type-pair)
has any bits other than AUTH_WHO_MASK or AUTH_HOW_MASK set,
both bytes are included in the session key hash described later.
This ensures that the authentication type pair was correctly
negotiated, while maintaining backward-compatibility with existing
software.
IAC SB AUTHENTICATION REPLY PARAMS IAC SE
This command is used to pass the three parameter values used
in the exponentiation to the client. These values are often
called n, g, and s.
IAC SB AUTHENTICATION IS EXP IAC SE
This command is used to pass the client's exponential residue,
otherwise known as A, computed against the parameters exchanged
earlier.
IAC SB AUTHENTICATION REPLY CHALLENGE
IAC SE
This command is used to pass the server's exponential residue,
computed against the same parameters. This quantity is actually
the sum of two residues, i.e. g^x + g^b. For details see [SRP]
and [<a href="/computing/rfc/rfc2945.html">RFC 2945</a>].
IAC SB AUTHENTICATION IS <authentication-type-pair> RESPONSE
<response from client> IAC SE
This command gives the server proof of the client's authenticity
with a 160-bit (20 byte) response.
Wu Standards Track</response></authentication-type-pair>