[Dovecot] [PATCH] Add SCRAM-SHA-1 password scheme

[Timo Sirainen]

On 3.10.2012, at 2.54, Florian Zeitz wrote:

> Am 03.10.2012 01:42, schrieb Timo Sirainen:
>> On 3.10.2012, at 0.05, Florian Zeitz wrote:
>> 
>>> attached is an hg export on top of the current dovecot-2.2 branch, which
>>> adds support for a SCRAM-SHA-1 password scheme.
>> 
>> Oh, and SCRAM-SHA1 or SCRAM-SHA-1? I'd think SCRAM-SHA1 as the scheme is now called, but elsewhere in the code (including user-visible strings) it says SCRAM-SHA-1.
>> 
> Well, I usually prefer SCRAM-SHA-1, as that is how it is called in the
> RFC, and SHA-1 is the hash name registered with IANA [1].
> I did call the password scheme SCRAM-SHA1 to be consistent with other
> current password schemes. I'm not 100% sure which one to use, or whether
> a mix might even be the way to go ("correct" messages, but minimum user
> confusion for password schemes).

Hmm. Probably not worth it to have both SCRAM-SHA1 and SCRAM-SHA-1. And now I see that the user-visible strings are about SCRAM-SHA-1 mechanism, not the hash. So yeah, I guess the best way to avoid confusion is to call it SCRAM-SHA-1 everywhere.