Protocol Action: 'SCRAM-SHA-256 and SCRAM-SHA-256-PLUS SASL Mechanisms' to Proposed Standard (draft-hansen-scram-sha256-04.txt)
The IESG <iesg-secretary@ietf.org> Tue, 08 September 2015 14:51 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4EAC21B49C3 for <ietf-announce@ietfa.amsl.com>; Tue, 8 Sep 2015 07:51:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NeAFNyO7vekN; Tue, 8 Sep 2015 07:51:10 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id DCD591B49F6; Tue, 8 Sep 2015 07:51:04 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'SCRAM-SHA-256 and SCRAM-SHA-256-PLUS SASL Mechanisms' to Proposed Standard (draft-hansen-scram-sha256-04.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 6.4.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20150908145104.9735.90301.idtracker@ietfa.amsl.com>
Date: Tue, 08 Sep 2015 07:51:04 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-announce/FlJZKidkU0ndF6IeUowQ560o7E0>
Cc: RFC Editor <rfc-editor@rfc-editor.org>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.15
Reply-To: ietf@ietf.org
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Sep 2015 14:51:11 -0000
The IESG has approved the following document: - 'SCRAM-SHA-256 and SCRAM-SHA-256-PLUS SASL Mechanisms' (draft-hansen-scram-sha256-04.txt) as Proposed Standard This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Stephen Farrell. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-hansen-scram-sha256/ Technical Summary This document registers the SASL mechanisms SCRAM-SHA-256 and SCRAM-SHA-256-PLUS. It also updates the SCRAM mechanism registration procedures of RFC 5802, by updating the mailing list reference and adding a few more requirements. Working Group Summary This is an individual submission, but the document had an adequate number of reviews on the Kitten WG mailing list. It was also mentioned/discussed in the HTTPAUTH WG. The document is pretty straigtforward, but one issue resulted in a longer discussion: tls-unique channel binding is now known to be broken unless use of draft-ietf-tls-session-hash-06 TLS extension is negotiated. While ideally the base SCRAM document should have been updated to mention this, it is useful to mention this issue in this draft. Document Quality This is a pretty simple specification. I (SF) don't know of implementations. Personnel Alexey Melnikov is the document shepherd. Stephen Farrell is the irresponsible AD. RFC Editor Note In the abstract please remove the colon after "registers:" and s/provdes/provides/