RFC 7804 on Salted Challenge Response HTTP Authentication Mechanism
rfc-editor@rfc-editor.org Wed, 09 March 2016 19:02 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FF5E12D789; Wed, 9 Mar 2016 11:02:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.923
X-Spam-Level:
X-Spam-Status: No, score=-106.923 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([127.0.0.1]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F0rIagkw2SnT; Wed, 9 Mar 2016 11:02:12 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 53F7212D80E; Wed, 9 Mar 2016 11:02:12 -0800 (PST)
Received: by rfc-editor.org (Postfix, from userid 30) id C474D180452; Wed, 9 Mar 2016 11:01:55 -0800 (PST)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
Subject: RFC 7804 on Salted Challenge Response HTTP Authentication Mechanism
X-PHP-Originating-Script: 1005:ams_util_lib.php
From: rfc-editor@rfc-editor.org
Message-Id: <20160309190155.C474D180452@rfc-editor.org>
Date: Wed, 09 Mar 2016 11:01:55 -0800
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf-announce/jVZoGdX6-BGxovzt2_tpo8Dz9jg>
Cc: drafts-update-ref@iana.org, http-auth@ietf.org, rfc-editor@rfc-editor.org
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: ietf@ietf.org
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Mar 2016 19:02:13 -0000
A new Request for Comments is now available in online RFC libraries. RFC 7804 Title: Salted Challenge Response HTTP Authentication Mechanism Author: A. Melnikov Status: Experimental Stream: IETF Date: March 2016 Mailbox: alexey.melnikov@isode.com Pages: 18 Characters: 39440 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-ietf-httpauth-scram-auth-15.txt URL: https://www.rfc-editor.org/info/rfc7804 DOI: http://dx.doi.org/10.17487/RFC7804 This specification describes a family of HTTP authentication mechanisms called the Salted Challenge Response Authentication Mechanism (SCRAM), which provides a more robust authentication mechanism than a plaintext password protected by Transport Layer Security (TLS) and avoids the deployment obstacles presented by earlier TLS-protected challenge response authentication mechanisms. This document is a product of the Hypertext Transfer Protocol Authentication Working Group of the IETF. EXPERIMENTAL: This memo defines an Experimental Protocol for the Internet community. It does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce and rfc-dist lists. To subscribe or unsubscribe, see https://www.ietf.org/mailman/listinfo/ietf-announce https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist For searching the RFC series, see https://www.rfc-editor.org/search For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team Association Management Solutions, LLC