New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SCRAM-SHA-1(-PLUS) + SCRAM-SHA-256(-PLUS) supports #1914
Comments
@the-djmaze: Thanks for your work! I have seen today, your commit in SnappyMail! Maybe you can do a PR for RainLoop? |
@the-djmaze: I have edited the ticket with more informations (TLS Binding: -PLUS variants and other SCRAM...). If you are ready to add SCRAM-SHA-512 and SCRAM-SHA3-512 in SnappyMail, you can ^^ I have added SnappyMail in the scram-sasl/info#1. |
@the-djmaze: Recently SCRAM hashes have been added in:
A good job done by @schengawegga. Maybe you can help for -PLUS variants? And for repositories: |
Dear @RainLoop team,
There is a big security problem, the missing support of SCRAM-SHA-*.
Can you add supports of :
"When using the SASL SCRAM mechanism, the SCRAM-SHA-256-PLUS variant SHOULD be preferred over the SCRAM-SHA-256 variant, and SHA-256 variants [RFC7677] SHOULD be preferred over SHA-1 variants [RFC5802]".
SCRAM-SHA-1(-PLUS):
-- https://tools.ietf.org/html/rfc5802
-- https://tools.ietf.org/html/rfc6120
SCRAM-SHA-256(-PLUS):
-- https://tools.ietf.org/html/rfc7677 since 2015-11-02
-- https://tools.ietf.org/html/rfc8600 since 2019-06-21: https://mailarchive.ietf.org/arch/msg/ietf-announce/suJMmeMhuAOmGn_PJYgX5Vm8lNA
SCRAM-SHA-512(-PLUS):
-- https://tools.ietf.org/html/draft-melnikov-scram-sha-512
SCRAM-SHA3-512(-PLUS):
-- https://tools.ietf.org/html/draft-melnikov-scram-sha3-512
https://xmpp.org/extensions/inbox/hash-recommendations.html
-PLUS variants:
LDAP:
HTTP:
2FA:
IANA:
Linked to:
The text was updated successfully, but these errors were encountered: