216
edits
Neustradamus (talk | contribs) m (Neustradamus moved page SASL and SCRAM-SHA-1 to SASL and SCRAM-SHA-1(-PLUS) / SCRAM-SHA-256(-PLUS)) |
Neustradamus (talk | contribs) m |
||
Line 1: | Line 1: | ||
[https://tools.ietf.org/html/rfc5802 Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms (SCRAM-SHA-1(-PLUS)] is a SASL mechanism improving on [[SASL and DIGEST-MD5|DIGEST-MD5]] | == Introduction == | ||
=== SCRAM-SHA-1(-PLUS) === | |||
[https://tools.ietf.org/html/rfc5802 Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms (SCRAM-SHA-1(-PLUS)] is a SASL mechanism improving on [[SASL and DIGEST-MD5|DIGEST-MD5]]. | |||
* [https://tools.ietf.org/html/rfc6331 RFC6331: Moving DIGEST-MD5 to Historic] | |||
* CRAM-MD5 to Historic ([https://tools.ietf.org/html/draft-ietf-sasl-crammd5-to-historic-00 draft-ietf-sasl-crammd5-to-historic-00] + [https://tools.ietf.org/html/draft-zeilenga-luis140219-crammd5-to-historic-00 draft-zeilenga-luis140219-crammd5-to-historic-00]) | |||
Its main benefits are in offering both a method to salt and hash the password in storage and in transit. This page aims to give a short introduction on how to implement it in a client. | Its main benefits are in offering both a method to salt and hash the password in storage and in transit. This page aims to give a short introduction on how to implement it in a client. | ||
In [https://tools.ietf.org/html/rfc8600 RFC8600: Using Extensible Messaging and Presence Protocol (XMPP) for Security Information Exchange]: | With changes from TLS 1.2 to TLS 1.3, an Internet-Draft is in progress for TLS Binding and TLS 1.3: [https://tools.ietf.org/html/draft-ietf-kitten-tls-channel-bindings-for-tls13 Channel Bindings for TLS 1.3: draft-ietf-kitten-tls-channel-bindings-for-tls13]. | ||
=== SCRAM-SHA-256(-PLUS) === | |||
Please note that there is now [https://tools.ietf.org/html/rfc7677 RFC7677: SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple Authentication and Security Layer (SASL) Mechanisms] (since November 2015). | |||
Aready integrated by several XMPP software: | |||
* Servers: Erlang Solutions MongooseIM 3.7+, Isode M-Link, Jackal IM, Metronome IM, Prosody IM 0.12.x, Tigase XMPP Server 8.0+, DJabberd 0.90+ | |||
* Clients: Conversations, CoyIM, eyeCU, Gajim 1.2.0+, KDE Kaidan, Miranda NG, Psi/Psi+ (with QCA), Tigase Beagle IM, Tigase Siskin IM, Tigase Stork IM, UWPX, Vacuum IM | |||
* Libraries: cr-xmpp, libstrophe, Mellium XMPP, QXmpp, Tigase JaXMPP, TigaseSwift, Stanza, Wocky, xmpp-rs | |||
Others: | |||
* aiokafka, aiosasl, Atheme, Auth_SASL/Auth_SASL2, Authen-SCRAM, cassandra-secure-plugin, ba0f3/scram.nim, Couchbase, Cyrus SASL, Dovecot, Erlang Solutions Escalus, esl/fast_scram, Exim (with gsasl), fast_scram, GNU SASL (gsasl) 1.9.1+, Haystack, Kafka, ldaptive, MailKit, Mellium SASL, Memcached, MongoDB, MySQL 8.0.23+, NeoMutt, ongres/scram, OpenDJ, passlib.hash.scram, PhysoTronic/SASL-SCRAM-SHA256, PostgreSQL 10+, pwithnall/libscram, PyMongo 3.7, Rust SASL, Rust SCRAM, Skyspark, SquirelMail, tlocke/scramp, trondn/java-sasl-scram-sha1, Thunderbird 71, UnboundID LDAP SDK, Vert.x SCRAM, WildFly Elytron, xdg-go/scram, xmpp-webhook | |||
=== SCRAM-SHA-512(-PLUS) === | |||
Possibly, also adding [https://tools.ietf.org/html/draft-melnikov-scram-sha-512 SCRAM-SHA-512 and SCRAM-SHA-512-PLUS Simple Authentication and Security Layer (SASL) Mechanisms: draft-melnikov-scram-sha-512] | |||
=== SCRAM-SHA3-512(-PLUS) === | |||
Possibly, also adding [https://tools.ietf.org/html/draft-melnikov-scram-sha3-512 SCRAM-SHA3-512 and SCRAM-SHA3-512-PLUS Simple Authentication and Security Layer (SASL) Mechanisms: draft-melnikov-scram-sha3-512] | |||
=== Order === | |||
<span style="color:#FF0000">Warning:</span> In [https://tools.ietf.org/html/rfc8600 RFC8600: Using Extensible Messaging and Presence Protocol (XMPP) for Security Information Exchange] (June 2019): | |||
"When using the SASL SCRAM mechanism, the SCRAM-SHA-256-PLUS variant SHOULD be preferred over the SCRAM-SHA-256 variant, and SHA-256 variants [RFC7677] SHOULD be preferred over SHA-1 variants [RFC5802]". | "When using the SASL SCRAM mechanism, the SCRAM-SHA-256-PLUS variant SHOULD be preferred over the SCRAM-SHA-256 variant, and SHA-256 variants [RFC7677] SHOULD be preferred over SHA-1 variants [RFC5802]". | ||
<span style="color:#FF0000"> | <span style="color:#FF0000">But it has been changed</span> in [https://tools.ietf.org/html/draft-ietf-kitten-password-storage-02 draft-ietf-kitten-password-storage-02] (2020) | ||
* SCRAM-SHA-256-PLUS | |||
* SCRAM-SHA-1-PLUS | |||
* SCRAM-SHA-256 | |||
* SCRAM-SHA-1 | |||
== SCRAM-SHA-1(-PLUS) == | == SCRAM-SHA-1(-PLUS) == | ||
Line 168: | Line 199: | ||
== SCRAM-SHA-256(-PLUS) == | == SCRAM-SHA-256(-PLUS) == | ||
Possibly, also adding [https://tools.ietf.org/html/rfc7677 RFC7677: SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple Authentication and Security Layer (SASL) Mechanisms] | Possibly, also adding [https://tools.ietf.org/html/rfc7677 RFC7677: SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple Authentication and Security Layer (SASL) Mechanisms] | ||
=== Overview === | |||
=== In detail === | |||
=== Extras === | |||
=== Common pitfalls === | |||
=== Test vectors === | |||
== | == SCRAM-SHA-512(-PLUS) == | ||
Possibly, also adding [https://tools.ietf.org/html/draft-melnikov-scram-sha-512 SCRAM-SHA-512 and SCRAM-SHA-512-PLUS Simple Authentication and Security Layer (SASL) Mechanisms: draft-melnikov-scram-sha-512] | |||
=== Overview === | |||
=== In detail === | |||
=== Extras === | |||
=== Common pitfalls === | |||
=== Test vectors === | |||
== SCRAM-SHA3-512(-PLUS) == | |||
Possibly, also adding [https://tools.ietf.org/html/draft-melnikov-scram-sha3-512 SCRAM-SHA3-512 and SCRAM-SHA3-512-PLUS Simple Authentication and Security Layer (SASL) Mechanisms: draft-melnikov-scram-sha3-512] | |||
=== Overview === | |||
=== In detail === | |||
=== Extras === | |||
=== Common pitfalls === | |||
=== Test vectors === | |||
== Channel Bindings == | |||
* [https://tools.ietf.org/html/rfc5056 RFC5056: On the Use of Channel Bindings to Secure Channels] | |||
* [https://tools.ietf.org/html/rfc5929 RFC5929: Channel Bindings for TLS] | |||
* [https://www.iana.org/assignments/channel-binding-types/channel-binding-types.xhtml Channel-Binding Types] | |||
* [https://tools.ietf.org/html/draft-ietf-kitten-tls-channel-bindings-for-tls13 Channel Bindings for TLS 1.3: draft-ietf-kitten-tls-channel-bindings-for-tls13] | |||
== IANA == | == IANA == | ||
* [https://www.iana.org/assignments/sasl-mechanisms/sasl-mechanisms.xhtml Simple Authentication and Security Layer (SASL) Mechanisms] | |||
== LDAP == | == LDAP == | ||
* [https://tools.ietf.org/html/rfc5803 RFC5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted: Challenge Response Authentication Mechanism (SCRAM) Secrets] | |||
== HTTP == | == HTTP == | ||
* [https://tools.ietf.org/html/rfc7804 RFC7804: Salted Challenge Response HTTP Authentication Mechanism] | |||
== 2FA == | |||
* [https://tools.ietf.org/html/draft-melnikov-scram-2fa Extensions to Salted Challenge Response (SCRAM) for 2 factor authentication: draft-melnikov-scram-2fa] |
edits