GPRS Authentication

---

What is the difference for this..

Select your GPRS authentication method.

PAP authentication
CHAP authentication

Its from the latest O2 uk update. But what does it all mean please. Default, hence mine is chap. Is pap any better?

Thank you, Martin

They are means to authenticate during PPP call setup. PAP uses cleartext passwords, CHAP uses a challenge-response based on the hash of a shared secret. CHAP protects your login credentials against people that can listen in during call-setup. It does not encrypt the actual traffic.

Use whatever works...

I don't think it's very relevant. CHAP is a more secure authentication, but takes slightly longer than PAP. It all depends on what the end server supports. O2 support both, so it doesn't matter, but some other networks may not, so it's really there for compatibility.

I'm guessing slightly, but that's the genral rule with RAS.

clear as mud!!

---

Well I think that I'll leave it as it is then. GPRS is still too expensive to use that much anyway.

If there's problems security / compatability or otherwise I'll get back in touch.

Cheers, Martin

GPRS doesn't actually use either. The HLR holds your account details and which APN you can connect to. Most GPRS services use neither PAP or CHAP.

When the service uses externally allocated IP addresses, or in the case of corperate networks where the GPRS operator doesn't own the IP address pool then PAP or CHAP are used, after GPRS authentication is comlpeted.
PAP and CHAP are thus used to authenticate a mobile outside of the GPRS operator's "domain".