SCRAM-SHA-1-PLUS + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) supports

Question

SCRAM-SHA-1-PLUS + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) supports

Neustradamus opened this issue 4 years ago · comments

Neustradamus commented 4 years ago

After:

SCRAM-SHA-1

Can you add supports of:

SCRAM-SHA-1-PLUS
SCRAM-SHA-256
SCRAM-SHA-256-PLUS
SCRAM-SHA-512
SCRAM-SHA-512-PLUS
SCRAM-SHA3-512
SCRAM-SHA3-512-PLUS

You can add too:

SCRAM-SHA-224
SCRAM-SHA-224-PLUS
SCRAM-SHA-384
SCRAM-SHA-384-PLUS

"When using the SASL SCRAM mechanism, the SCRAM-SHA-256-PLUS variant SHOULD be preferred over the SCRAM-SHA-256 variant, and SHA-256 variants [RFC7677] SHOULD be preferred over SHA-1 variants [RFC5802]".

SCRAM-SHA-1(-PLUS):
-- https://tools.ietf.org/html/rfc5802
-- https://tools.ietf.org/html/rfc6120
SCRAM-SHA-256(-PLUS):
-- https://tools.ietf.org/html/rfc7677 since 2015-11-02
-- https://tools.ietf.org/html/rfc8600 since 2019-06-21: https://mailarchive.ietf.org/arch/msg/ietf-announce/suJMmeMhuAOmGn_PJYgX5Vm8lNA
SCRAM-SHA-512(-PLUS):
-- https://tools.ietf.org/html/draft-melnikov-scram-sha-512
SCRAM-SHA3-512(-PLUS):
-- https://tools.ietf.org/html/draft-melnikov-scram-sha3-512

https://xmpp.org/extensions/inbox/hash-recommendations.html

-PLUS variants:

RFC5056: On the Use of Channel Bindings to Secure Channels: https://tools.ietf.org/html/rfc5056
RFC5929: Channel Bindings for TLS: https://tools.ietf.org/html/rfc5929
Channel-Binding Types: https://www.iana.org/assignments/channel-binding-types/channel-binding-types.xhtml
RFC 9266: Channel Bindings for TLS 1.3: https://tools.ietf.org/html/rfc9266

IMAP:

RFC9051: Internet Message Access Protocol (IMAP) - Version 4rev2: https://tools.ietf.org/html/rfc9051

LDAP:

RFC5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted: Challenge Response Authentication Mechanism (SCRAM) Secrets: https://tools.ietf.org/html/rfc5803

HTTP:

RFC7804: Salted Challenge Response HTTP Authentication Mechanism: https://tools.ietf.org/html/rfc7804

2FA:

Extensions to Salted Challenge Response (SCRAM) for 2 factor authentication: https://tools.ietf.org/html/draft-melnikov-scram-2fa

IANA:

Simple Authentication and Security Layer (SASL) Mechanisms: https://www.iana.org/assignments/sasl-mechanisms/sasl-mechanisms.xhtml

Linked to:

scram-sasl/info#1

Neustradamus · Answer 1 · Tue Nov 17 2020 17:40:20 GMT+0800 (China Standard Time)

@bensmiley: Solved?

Ben Smiley · Answer 2 · Tue Nov 17 2020 20:20:15 GMT+0800 (China Standard Time)

Hi @Neustradamus if there is an issue you actually need to describe the problem rather than posting a lot of links. If this is a feature request, you would need to mention that. With feature requests they will be implemented when we have capacity. If you need the feature urgently, you would need to contribute to the cost of the development.