SCRAM-SHA-1-PLUS + SCRAM-SHA-224-PLUS + SCRAM-SHA-256-PLUS + SCRAM-SHA-384-PLUS + SCRAM-SHA-512-PLUS + SCRAM-SHA3-512(-PLUS) supports #1

Open
Neustradamus opened this issue Nov 8, 2020 · 7 comments

Comments

@Neustradamus
Neustradamus commented Nov 8, 2020

After (which is already good for Roundcube: @alecpl)

  • SCRAM-SHA-1
  • SCRAM-SHA-224
  • SCRAM-SHA-256
  • SCRAM-SHA-384
  • SCRAM-SHA-512

Is it possible to add other SCRAM?

  • SCRAM-SHA3-512

TLS Binding:

  • SCRAM-SHA-1-PLUS
  • SCRAM-SHA-224-PLUS
  • SCRAM-SHA-256-PLUS
  • SCRAM-SHA-384-PLUS
  • SCRAM-SHA-512-PLUS
  • SCRAM-SHA3-512-PLUS

Thanks in advance


"When using the SASL SCRAM mechanism, the SCRAM-SHA-256-PLUS variant SHOULD be preferred over the SCRAM-SHA-256 variant, and SHA-256 variants [RFC7677] SHOULD be preferred over SHA-1 variants [RFC5802]".

https://xmpp.org/extensions/inbox/hash-recommendations.html

-PLUS variants:

IMAP:

LDAP:

  • RFC5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted: Challenge Response Authentication Mechanism (SCRAM) Secrets: https://tools.ietf.org/html/rfc5803

HTTP:

2FA:

IANA:

Linked to:

@Neustradamus
Author

@derickr, @OpenPrunus, @mbretter, @anishmystery, @akhileshpv, @gwynne, @till, @ashnazg, @kenguest, @cweiske, @mj, @net-tools, @edhelas, @Jehan, @CloCkWeRX: Please read the text in the main ticket.

Thanks in advance.

@Jehan
Jehan commented Nov 8, 2020

Hi @Neustradamus !

When I originally implemented SCRAM in Auth_SASL, I had an actual usage of this (for an XMPP-related code I was developing and using). I don't anymore, so I don't think I will be able to make any time to read again the spec, then the new specs, then to implement further.

Yet this is obviously a good idea to follow evolution in standards and to implement whatever is new. That's Free Software, anyone is free to take it from here and to improve my code (or make a new one, if needed). 🙂

I hope someone will implement this. It just probably won't be me.

@till
till commented Nov 8, 2020

Hey @Neustradamus — I think generally everyone is open to pull-requests, but no need to ping people. Do you want to give a PR a try? Just make sure to add tests covering it. :) Or covering changes before you make them.

@Neustradamus
Author

@Jehan: Thanks for your reply and I know, thanks a lot for your contributions :)

@till: Thanks for your reply.
Several years ago, I sent an email about this request; no reply.

And there are problems on GitHub:

1/ https://github.com/pear/Auth_SASL2 is a fork of CloCkWeRX/Auth_SASL2 and CloCkWeRX/Auth_SASL2 is not up-to-date, maybe we can do a transfer?

2/ A lot of pear repositories do not have the "Issues" section enabled, can you open sections to all repositories?

At beginning, can you add here:

Several issues are linked to:

Thanks in advance.

@kenguest
Contributor

kenguest commented Nov 9, 2020

hi @Neustradamus - a PR or two would go a long way :-) I don't have much spare time these days to spend on adding code to a package that I'm not really using myself, but I don't mind looking over the occasional PR.

:-)

@Neustradamus
Author

@ all,

First, I wish you a Happy New Year 2022!

I have added the last IMAP RFC which has SCRAM-SHA-256 and SCRAM-SHA-256-PLUS support.

Auth_SASL/Auth_SASL2 already support SCRAM-SHA-1/SCRAM-SHA-224/SCRAM-SHA-256/SCRAM-SHA-384/SCRAM-SHA-512.
It is good for Roundcube.

One guy can add in:

Thanks in advance.

@Neustradamus
Author

@ all: It is official for TLS 1.3 Binding!

Details:

  • tls-unique for TLS =< 1.2
  • tls-exporter for TLS = 1.3
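
An added illustration of the two binding types listed in the comment above (not part of the thread and not Auth_SASL2 code): this PHP example picks the binding type from the TLS version, builds the RFC 5802 GS2 header and `c=` attribute that a -PLUS mechanism sends, and shows the server-side comparison that rejects a login relayed over a different TLS session. All function names are hypothetical, the TLS version string format is an assumption, and the channel-binding bytes are constructed, since real ones come from the TLS layer.

```php
<?php
// Added example; not Auth_SASL2 code. Function names are hypothetical.

// Assumption: $tlsVersion looks like the 'protocol' string PHP reports for
// a TLS stream (e.g. "TLSv1.2", "TLSv1.3").
function cbTypeForTls(string $tlsVersion): string
{
    return $tlsVersion === 'TLSv1.3' ? 'tls-exporter' : 'tls-unique';
}

// SCRAM "saslname" escaping (RFC 5802): "=" -> "=3D", "," -> "=2C".
function saslName(string $s): string
{
    return strtr($s, ['=' => '=3D', ',' => '=2C']);
}

// GS2 header: "p=<cb-type>" selects a -PLUS exchange, "n" means no binding.
function gs2Header(?string $cbType, string $authzid = ''): string
{
    $flag = $cbType === null ? 'n' : 'p=' . $cbType;
    return $flag . ',' . ($authzid === '' ? '' : 'a=' . saslName($authzid)) . ',';
}

// client-first-message: GS2 header followed by "n=<user>,r=<nonce>".
function clientFirst(string $gs2, string $user, string $nonce): string
{
    return $gs2 . 'n=' . saslName($user) . ',r=' . $nonce;
}

// "c=" attribute of client-final: base64(GS2 header || channel-binding data).
function cbindAttribute(string $gs2, string $cbData = ''): string
{
    return 'c=' . base64_encode($gs2 . $cbData);
}

// Server side: rebuild "c=" from the binding data of its own TLS session
// and compare in constant time.
function serverAcceptsBinding(string $receivedC, string $gs2, string $serverCbData): bool
{
    return hash_equals(cbindAttribute($gs2, $serverCbData), $receivedC);
}

// Constructed sample values; real binding data comes from the TLS layer.
$gs2      = gs2Header(cbTypeForTls('TLSv1.3'));
$clientCb = str_repeat("\x11", 32); // client's view of the TLS session
$relayCb  = str_repeat("\x22", 32); // a different TLS session (relayed login)
$c        = cbindAttribute($gs2, $clientCb);

echo clientFirst($gs2, 'user', 'constructed-nonce'), "\n", $c, "\n";
var_dump(serverAcceptsBinding($c, $gs2, $clientCb));
var_dump(serverAcceptsBinding($c, $gs2, $relayCb));
```

In a full exchange the `c=` value is also part of the AuthMessage that the client proof is computed over, so it cannot be replaced in transit without invalidating the proof.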
