SCRAM-SHA-1-PLUS / SCRAM-SHA-224(-PLUS) / SCRAM-SHA-256(-PLUS), SCRAM-SHA-384(-PLUS) and SCRAM-SHA-512(-PLUS) supports
- Neustradamus -
neustradamus at hotmail.com
Fri Nov 15 23:58:44 EET 2019
Dear all,
I send you a new email to know what is the progress of SCRAM-SHA-***(-PLUS) supports?
Currently there is only SCRAM-SHA-1: https://doc.dovecot.org/configuration_manual/authentication/password_schemes/.
- RFC6331: Moving DIGEST-MD5 to Historic: https://tools.ietf.org/html/rfc6331
- RFC5802: Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms: https://tools.ietf.org/html/rfc5802
- RFC7677: SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple Authentication and Security Layer (SASL) Mechanisms: https://tools.ietf.org/html/rfc7677 - since 2015-11-02
I have seen several months ago, commits about SCRAM-SHA-256.
For your information, Cyrus SASL supports:
- SCRAM-SHA-1(-PLUS)
- SCRAM-SHA-224(-PLUS)
- SCRAM-SHA-256(-PLUS)
- SCRAM-SHA-384(-PLUS)
- SCRAM-SHA-512(-PLUS)
-> https://cyrusimap.org/sasl/sasl/authentication_mechanisms.html
You can see more and more informations here: https://github.com/scram-xmpp/info/issues/1
Thanks in advance.
Regards,
Neustradamus
More information about the dovecot
mailing list