Re: [kitten] Comments on draft-ietf-kitten-password-storage-00

Sam Whited <sam@samwhited.com> Wed, 04 November 2020 19:07 UTC

To: Ludovic BOCQUET <lbxmpp@live.com>, Alexey Melnikov <alexey.melnikov@isode.com>, Robbie Harwood <rharwood@redhat.com>, Jim Fenton <fenton@bluepopcorn.net>, KITTEN Working Group <kitten@ietf.org>
Cc: "draft-ietf-kitten-password-storage@ietf.org" <draft-ietf-kitten-password-storage@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/7JQeJWnaanW-1PXDUk6EzBGhWIA>

On Wed, Nov 4, 2020, at 13:03, Ludovic BOCQUET wrote:
> thanks to Sam for finally listening to me.

My apologies if I misunderstood, I thought you were advocating for:

* SCRAM-SHA-256-PLUS
* SCRAM-SHA-256
* SCRAM-SHA-1-PLUS
* SCRAM-SHA-1

Which is not what we're going with for now. I did like the idea of
separating the -PLUS mechanisms out into two levels though to indicate
that even if SHA-1 is just as secure right now, it is likely in the
process of being deprecated as Alexey suggested.

> Do not forget to add in the next version of "draft-ietf-kitten-password-
> storage" Internet-Draft:
>  * SCRAM-SHA3-512-PLUS …

As discussed, I do not currently plan on doing this. Let's wait and see
how those I-Ds develop first.

—Sam
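The ordering question above only bites once a client has to choose between SCRAM variants a server actually advertises, and the channel-binding (-PLUS) split interacts with that choice. The following is an added example written for this thread, not code from draft-ietf-kitten-password-storage or from any list participant: it models the client's selection and the gs2-cbind-flag it must send, and the server's corresponding downgrade check, following RFC 5802 section 6. The preference list (the four names quoted in the message, used purely as sample input), the server offers, and the `tls-server-end-point` channel-binding type (RFC 5929) are assumptions constructed for the example.

```python
"""SCRAM mechanism selection with channel-binding downgrade detection.

Added example for this thread, not code from the draft or from anyone on the
list. Preference lists, server offers and the channel-binding type are
constructed sample inputs; the flag rules follow RFC 5802 section 6.
"""
from typing import Dict, Optional, Sequence, Tuple

# Constructed sample input: the ordering quoted in the message, used here only
# as one possible client preference list (most preferred first).
CLIENT_PREFERENCE = [
    "SCRAM-SHA-256-PLUS",
    "SCRAM-SHA-256",
    "SCRAM-SHA-1-PLUS",
    "SCRAM-SHA-1",
]


def _is_plus(mech: str) -> bool:
    """True for the channel-binding (-PLUS) variant of a SCRAM mechanism."""
    return mech.endswith("-PLUS")


def select_mechanism(
    preference: Sequence[str],
    offered: Sequence[str],
    client_has_cb: bool,
    cb_type: str = "tls-server-end-point",  # assumed channel-binding type (RFC 5929)
) -> Optional[Tuple[str, str]]:
    """Pick the mechanism a client should use and the gs2-cbind-flag to send.

    Returns (mechanism, flag) or None when nothing is mutually usable.
    """
    offered_set = set(offered)
    server_has_cb = any(_is_plus(m) for m in offered_set)

    if client_has_cb and server_has_cb:
        # Both sides can bind to the channel: RFC 5802 requires a -PLUS
        # variant and a 'p=<type>' flag. Only the relative order of the
        # -PLUS entries in the preference list matters in this branch.
        for mech in preference:
            if _is_plus(mech) and mech in offered_set:
                return mech, f"p={cb_type}"
        # Server offers -PLUS only for hashes we do not list: refuse rather
        # than send a flag that misstates our channel-binding support.
        return None

    # No channel binding on at least one side: pick the best non-PLUS variant.
    # 'y' means "I support channel binding but you did not advertise it";
    # 'n' means "I do not support channel binding".
    flag = "y" if client_has_cb else "n"
    for mech in preference:
        if not _is_plus(mech) and mech in offered_set:
            return mech, flag
    return None


def server_accepts_flag(flag: str, mech: str, server_has_cb: bool) -> bool:
    """Server-side check of the received gs2-cbind-flag (RFC 5802 section 6)."""
    if flag == "y":
        # The client could bind the channel but believes we cannot. If we do
        # support it, our -PLUS advertisement was stripped in transit: fail.
        return not server_has_cb
    if flag.startswith("p="):
        return _is_plus(mech) and server_has_cb
    if flag == "n":
        return not _is_plus(mech)
    return False


def demo() -> Dict[str, Optional[Tuple[str, str]]]:
    """Run the selector against three constructed server advertisements."""
    full = ["SCRAM-SHA-1", "SCRAM-SHA-1-PLUS", "SCRAM-SHA-256", "SCRAM-SHA-256-PLUS"]
    stripped = ["SCRAM-SHA-1", "SCRAM-SHA-256"]  # -PLUS names removed in transit
    legacy = ["SCRAM-SHA-1", "SCRAM-SHA-1-PLUS"]  # SHA-1-only server
    return {
        "full/cb": select_mechanism(CLIENT_PREFERENCE, full, True),
        "full/no-cb": select_mechanism(CLIENT_PREFERENCE, full, False),
        "stripped/cb": select_mechanism(CLIENT_PREFERENCE, stripped, True),
        "legacy/cb": select_mechanism(CLIENT_PREFERENCE, legacy, True),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:12s} -> {result}")
    # The stripped case yields flag 'y'; a server that really supports
    # channel binding rejects it, which is the downgrade detection.
    print("stripped accepted by cb-capable server:",
          server_accepts_flag("y", "SCRAM-SHA-256", True))
```

Note that negotiation itself treats -PLUS and non-PLUS as two classes decided by channel-binding availability, so the order in which a document lists them is a statement about which mechanisms to implement and prefer within each class (for instance SHA-256 ahead of SHA-1), not something the client's selection logic reads directly.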