mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] [mina-vysper] Neustradamus opened a new issue #18: SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) + SCRAM-SHA-512(-PLUS) + SCRAM-SHA3-512(-PLUS) supports
Date Thu, 07 Jan 2021 00:54:18 GMT

Neustradamus opened a new issue #18:
URL: https://github.com/apache/mina-vysper/issues/18


   Can you add supports of :
   - SCRAM-SHA-1
   - SCRAM-SHA-1-PLUS
   - SCRAM-SHA-224
   - SCRAM-SHA-224-PLUS
   - SCRAM-SHA-256
   - SCRAM-SHA-256-PLUS
   - SCRAM-SHA-384
   - SCRAM-SHA-384-PLUS
   - SCRAM-SHA-512
   - SCRAM-SHA-512-PLUS
   - SCRAM-SHA3-512
   - SCRAM-SHA3-512-PLUS
   
   "When using the SASL SCRAM mechanism, the SCRAM-SHA-256-PLUS variant SHOULD be preferred
over the SCRAM-SHA-256 variant, and SHA-256 variants [RFC7677] SHOULD be preferred over SHA-1
variants [RFC5802]".
   
   - SCRAM-SHA-1(-PLUS):
   -- https://tools.ietf.org/html/rfc5802
   -- https://tools.ietf.org/html/rfc6120
   
   - SCRAM-SHA-256(-PLUS):
   -- https://tools.ietf.org/html/rfc7677 since 2015-11-02
   -- https://tools.ietf.org/html/rfc8600 since 2019-06-21: https://mailarchive.ietf.org/arch/msg/ietf-announce/suJMmeMhuAOmGn_PJYgX5Vm8lNA
   
   - SCRAM-SHA-512(-PLUS):
   -- https://tools.ietf.org/html/draft-melnikov-scram-sha-512
   
   - SCRAM-SHA3-512(-PLUS):
   -- https://tools.ietf.org/html/draft-melnikov-scram-sha3-512
   
   https://xmpp.org/extensions/inbox/hash-recommendations.html
   
   -PLUS variants:
   - RFC5056: On the Use of Channel Bindings to Secure Channels: https://tools.ietf.org/html/rfc5056
   - RFC5929: Channel Bindings for TLS: https://tools.ietf.org/html/rfc5929
   - Channel-Binding Types: https://www.iana.org/assignments/channel-binding-types/channel-binding-types.xhtml
   - Channel Bindings for SCRAM over TLS 1.3: https://tools.ietf.org/html/draft-whited-tls-channel-bindings-for-tls13
-> https://tools.ietf.org/html/draft-ietf-kitten-tls-channel-bindings-for-tls13
   
   LDAP:
   - RFC5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted: Challenge
Response Authentication Mechanism (SCRAM) Secrets: https://tools.ietf.org/html/rfc5803
   
   HTTP:
   - RFC7804: Salted Challenge Response HTTP Authentication Mechanism: https://tools.ietf.org/html/rfc7804
   
   2FA:
   - Extensions to Salted Challenge Response (SCRAM) for 2 factor authentication: https://tools.ietf.org/html/draft-melnikov-scram-2fa
   
   IANA:
   - Simple Authentication and Security Layer (SASL) Mechanisms: https://www.iana.org/assignments/sasl-mechanisms/sasl-mechanisms.xhtml
   
   Linked to:
   - https://github.com/scram-xmpp/info/issues/1


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org


Mime
View raw message