SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) supports

[Neustradamus]

Dear @roundcube team,

Can you add supports of :

• SCRAM-SHA-1
• SCRAM-SHA-1-PLUS
• SCRAM-SHA-256
• SCRAM-SHA-256-PLUS
• SCRAM-SHA-512
• SCRAM-SHA-512-PLUS
• SCRAM-SHA3-512
• SCRAM-SHA3-512-PLUS

You can add too:

• SCRAM-SHA-224
• SCRAM-SHA-224-PLUS
• SCRAM-SHA-384
• SCRAM-SHA-384-PLUS

A "big" list has been done in last link of this ticket.

---

SCRAM-SHA-1(-PLUS):

• https://tools.ietf.org/html/rfc5802
• https://tools.ietf.org/html/rfc6120

SCRAM-SHA-256(-PLUS):

• https://tools.ietf.org/html/rfc7677 since 2015-11-02
• https://tools.ietf.org/html/rfc8600 since 2019-06-21: https://mailarchive.ietf.org/arch/msg/ietf-announce/suJMmeMhuAOmGn_PJYgX5Vm8lNA

SCRAM-SHA-512(-PLUS):

• https://tools.ietf.org/html/draft-melnikov-scram-sha-512

SCRAM-SHA3-512(-PLUS):

• https://tools.ietf.org/html/draft-melnikov-scram-sha3-512

SCRAM BIS: Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms:

• https://tools.ietf.org/html/draft-melnikov-scram-bis

-PLUS variants:

• RFC5056: On the Use of Channel Bindings to Secure Channels: https://tools.ietf.org/html/rfc5056
• RFC5929: Channel Bindings for TLS: https://tools.ietf.org/html/rfc5929
• Channel-Binding Types: https://www.iana.org/assignments/channel-binding-types/channel-binding-types.xhtml
• RFC9266: Channel Bindings for TLS 1.3: https://tools.ietf.org/html/rfc9266

IMAP:

• RFC9051: Internet Message Access Protocol (IMAP) - Version 4rev2: https://tools.ietf.org/html/rfc9051

LDAP:

• RFC5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted: Challenge Response Authentication Mechanism (SCRAM) Secrets: https://tools.ietf.org/html/rfc5803

HTTP:

• RFC7804: Salted Challenge Response HTTP Authentication Mechanism: https://tools.ietf.org/html/rfc7804

JMAP:

• RFC8621: The JSON Meta Application Protocol (JMAP) for Mail: https://tools.ietf.org/html/rfc8621

2FA:

• Extensions to Salted Challenge Response (SCRAM) for 2 factor authentication: https://tools.ietf.org/html/draft-melnikov-scram-2fa

IANA:

• Simple Authentication and Security Layer (SASL) Mechanisms: https://www.iana.org/assignments/sasl-mechanisms/sasl-mechanisms.xhtml

Linked to:

• State of Play scram-sasl/info#1

[alecpl]

Auth_SASL has some SCRAM support so it should be doable, but I will not give it a high prio. Any help appreciated.

[Neustradamus]

• There is: Auth_SASL2 : https://pear.php.net/package/Auth_SASL2
• Maybe good to compare with Auth_SASL: https://pear.php.net/package/Auth_SASL

It can be ok for 1.4?

[alecpl]

There's only one difference between these two libs. They handle errors differently. SO, there's no reason to switch.

[Neustradamus]

What is missing for SCRAM in 1.4 RC1 for 1.4 release?

Note: SCRAM is for LDAP too.

[alecpl]

1. Make sure pear/Auth_SASL has everything you need. It might not support *-PLUS variants, but I didn't look at this.
2. Add SCRAM auth support to rcube_imap_generic.
3. Add SCRAM auth support to pear/Net_Sieve.
4. Add SCRAM auth support to pear/Net_SMTP.
5. Add SCRAM auth support to kolab/Net_LDAP3.

[Neustradamus]

Yes, I think it is not supported yet for -PLUS variants, but it is already good point :)

[Neustradamus]

@alecpl: Any news?
I have seen that Roundcube 1.4 is out!

[alecpl]

I'm not working and not plan to work on this in foreseable future. It's not a prio for me. Pull requests appreciated.

[Neustradamus]

@alecpl, @kanarip: Can you look for kolab/Net_LDAP3 and SCRAM?
I have looked here: https://git.kolab.org/diffusion/PNL/history/master/

@alecpl: Your are here too :)

• https://github.com/pear/Net_Sieve/commits/master
  Why you do not accept ticket here?

I have done a ticket for pear/Net_SMTP: pear/Net_SMTP#57

For pear/Auth_SASL, all except -PLUS variants are good.

[Neustradamus]

@alecpl: Can you add "Issues" section (or it must be owner of PEAR) in https://github.com/pear/Net_Sieve?

Have you progressed on SCRAM?
To have a best security?

Note, after SCRAM-SHA-1(-PLUS):

• GNU SASL (gsasl) supports SCRAM-SHA-256(-PLUS) since 1.9.1: http://git.savannah.gnu.org/gitweb/?p=gsasl.git;a=blob;f=NEWS;hb=HEAD
• Dovecot supports SCRAM-SHA-256(-PLUS) since 2.3.10: https://doc.dovecot.org/configuration_manual/authentication/authentication_mechanisms/
• Cyrus SASL/IMAP supports SCRAM-SHA-256(-PLUS) and more since 2.1.27: https://www.cyrusimap.org/sasl/sasl/authentication_mechanisms.html
• ...

[Neustradamus]

@alecpl: SquirrelMail has SCRAM, it is possible to add in Roundcube?

• https://github.com/RealityRipple/squirrelmail

[Neustradamus]

@alecpl: Have you progressed on it?

[Neustradamus]

Dear @roundcube team, @alecpl, @thomascube, @vbenincasa,

Happy New Year 2022!

Have you looked for SCRAM-SHA-* supports?
The first step is without -PLUS variants.

Thanks in advance.

cc: @jparise

[Neustradamus]

I have forgotten to inform you, SCRAM-SHA-256/SCRAM-SHA-256-PLUS are in the new IMAP, I have added the last RFC in the description: RFC9051: Internet Message Access Protocol (IMAP) - Version 4rev2:

• https://tools.ietf.org/html/rfc9051

I wish you a good reading ^^

[pkolmann]

Please consider when implementing SCRAM-SHA-* that the whole SCRAM-algorithm should run on the Client, not the PHP on the server.

UseCase: Company Firewall with deep packet inspection should not get the plaintext password in the HTTPS traffic...

[Neustradamus]

@roundcube team, @alecpl: Net_SMTP (with Auth_SASL/Auth_SASL2) has now SCRAM-SHA-* features, old mechanisms have been deprecated.
Not yet -PLUS variants but a big progress done by @schengawegga and you can use.

Can you look for rcube_imap_generic, Net_Sieve, Net_LDAP3?

[Neustradamus]

Dear @karlitschek, @owncloud team, @roundcube team,

Security is the number 1?

• https://nextcloud.com/blog/open-source-email-pioneer-roundcube-comes-aboard-nextcloud/
• https://nextcloud.com/blog/roundcubes-future-at-nextcloud-an-interview-with-the-founders/

Can you confirm it and add SCRAM-SHA-* and SCRAM-SHA-*-PLUS supports in Roundcube, Nextcloud and deps?

Thanks in advance.

Roundcube, linked to (comment from @alecpl):

• SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) supports #6917 (comment)

Nextcloud, linked to:

• https://github.com/search?q=org%3Anextcloud+scram&type=issues
• Support strong authentication nextcloud/mail#3146
• SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) + SCRAM-SHA3-512(-PLUS) supports nextcloud/server#39732
• SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) + SCRAM-SHA3-512(-PLUS) supports symfony/symfony#51292
• Add horde_stringprep to support SCRAM-SHA-1 nextcloud/mail#4377
• https://github.com/nextcloud/mail/blob/098d808c7c1a9af47a83a9fb27446a092092de1c/CHANGELOG.md?plain=1#L763
• https://bugs.horde.org/ticket/15146

Linked to:

• State of Play scram-sasl/info#1

[Neustradamus]

@alecpl: Can you look for rcube_imap_generic, Net_Sieve, Net_LDAP3?

It is already in pear/Auth_SASL, pear/Net_SMTP:

• https://github.com/pear/Auth_SASL/releases
• https://github.com/pear/Auth_SASL2/releases
• https://github.com/pear/Net_SMTP/releases

Thanks in advance.

cc: @schengawegga.

[Neustradamus]

Dear @karlitschek, @nextcloud team.

I wish you a Happy New Year 2024!

Can you add SCRAM supports in Roundcube and in Nextcloud?

[Neustradamus]

@pabzm: Can you solve this issue for security?

Thanks in advance.

[pabzm]

As @alecpl said five years ago: Pull requests welcome. Roundcube is very much a community project. If you care for this feature:

• find more people that want it. You're the only one since years who asks for it. Repeatedly tagging single people to push for it won't make it happen.
• find someone who implements it. The dev team has limited time, too, we can't do all the work.

[Neustradamus]

@schengawegga has done a lot of work in PEAR repositories but I do not know about Roundcube.
Hope an answer.