SCRAM-SHA-1 and SCRAM-SHA-1-PLUS + SCRAM-SHA-256(-PLUS) supports

Neustradamus · January 26, 2019, 2:32am

I think that there was a bug in Ignite Realtime Discourse, publication has been removed ^^

Users and devs request informations about SCRAM in more SCRAM-SHA-1, the missing SCRAM-SHA-1-PLUS point from RFC6120 (March 2011) and SCRAM-SHA-256(-PLUS):

SCRAM-SHA-1-PLUS (RFC5802 + RFC6120)
SCRAM-SHA-256(-PLUS) (RFC7677 + draft-ietf-mile-xmpp-grid)

Why not SCRAM-SHA-512(-PLUS).

Source:

Salted Challenge Response Authentication Mechanism (SCRAM): SASL and GSS-API Mechanisms: https://tools.ietf.org/html/rfc5802
Extensible Messaging and Presence Protocol (XMPP): Core: https://tools.ietf.org/html/rfc6120
SCRAM-SHA-256 and SCRAM-SHA-256-PLUS: Simple Authentication and Security Layer (SASL) Mechanisms: https://tools.ietf.org/html/rfc7677
Using XMPP for Security Information Exchange: https://tools.ietf.org/html/draft-ietf-mile-xmpp-grid

Cassette_Chroot · January 26, 2019, 2:45am

https://docs.mongodb.com/manual/core/security-scram/

I dont know whats the diff of all scram but good to know

Neustradamus · April 4, 2019, 3:12pm

I have done a best message: https://github.com/processone/ejabberd/issues/2742#issuecomment-451468219, badly, no news from IgniteRealtime about it.

system · July 13, 2019, 3:13pm

This topic was automatically closed 100 days after the last reply. New replies are no longer allowed.