Diff

Differences From:

File www/sync.html part of check-in [469002ccdf] - Added navbar to all pages, linking back to the index. Fixed typo in the index page. by aku on 2007-09-12 04:19:59. Also file www/sync.html part of check-in [bbcb6326c9] - Pulled in the navbar and timeline changes. by aku on 2007-09-17 00:58:51.

To:

File www/sync.html part of check-in [f76192b245] - Pulled the latest CLI, website, and sqlite changes into the importer branch. by aku on 2007-09-17 01:00:32.

@@ -123,14 +123,17 @@
 <b>login</b>  <i>userid  nonce  signature</i>
 </blockquote>
 
 <p>The userid is the name of the user that is requesting service
-from the server.  The nonce is a random one-use hexadecimal number.
-The signature is the SHA1 hash of the users password.</p>
+from the server.  The nonce is the SHA1 hash of the remainder of
+the message - all text that follows the newline character that
+terminates the login card.  The signature is the SHA1 hash of
+the concatenation of the nonce and the users password.</p>
 
 <p>For each login card, the server looks up the user and verifies
-that the nonce has never before been used.  It then checks the
-signature hash to make sure the signature matches.  If everything
+that the nonce matches the SHA1 hash of the remainder of the
+message.  It then checks the signature hash to make sure the
+signature matches.  If everything
 checks out, then the client is granted all privileges of the
 specified user.</p>
 
 <p>Privileges are cumulative.  There can be multiple successful
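
Review bot: the rewritten server-side paragraph ("verifies that the nonce matches the SHA1 hash of the remainder of the message") drops the one-use check from the old text and puts nothing in its place. The nonce is now derived from the message body and the signature from the nonce plus the password, so a login card and its payload stay valid if the same message is sent again unchanged. The text should say whether the server rejects repeated messages or why processing the same message twice is harmless. The description of the signature should also pin down the concatenation (which value comes first, and whether the nonce is used as hexadecimal text or as raw bytes) so that independent implementations compute the same hash. Finally, "users password" in the added line should read "user's password".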