Re: [kitten] Fwd: I-D Action: draft-hansen-scram-sha256-01.txt
Shawn M Emery <shawn.emery@oracle.com> Fri, 08 August 2014 07:02 UTC
Archived-At: http://mailarchive.ietf.org/arch/msg/kitten/a76KZYwgTX7exx9EId0dfKumrH8
On 7/24/14 4:57 PM, Tony Hansen wrote:
> I just posted this update to the document I circulated back in April,
> registering SCRAM-SHA-256 as a SASL mechanism.
>
> I added Minimum iteration-count and OID to the registration form for
> SCRAM-* registrations.
>
> I kept the minimum iteration count for SCRAM-SHA-256 set at 4096. This
> should probably be discussed further.

I know RFC 3962 calls for 4096 rounds for SHA-1. I haven't heard of anything that would make us want to change this. Are there specific use-cases for this mechanism that would be negatively affected when choosing a higher iteration or is there guidance on policies when using this number of iterations or lower?

> One question I have for this: would it be worth changing SCRAM
> registrations to Expert Review in place of IETF review?

Do you envision a number of future mechanisms under the SCRAM* family? If not, then I would prefer leaving it as IETF review.

> There was discussion in the HTTPAUTH working group this morning,
> asking about the use of SHA2 as an HTTP mechanism instead of the SHA1
> being discussed in Alexey's draft.
>
> An open question is whether this could/should become a working group
> draft. I am happy with it being handled either that way or keeping it
> an individual AD-sponsored draft. (I've already spoken with Steven and
> Kathleen about that possibility.)

Speaking as co-chair, it has been a strain on the WG's resources with getting through the previous and current set of SASL work items. So my initial position on this would be to have this draft AD-sponsored.

Shawn.
--

> -------- Original Message --------
> Subject: I-D Action: draft-hansen-scram-sha256-01.txt
> Date: Thu, 24 Jul 2014 15:49:56 -0700
> From: internet-drafts@ietf.org
> Reply-To: internet-drafts@ietf.org
> To: i-d-announce@ietf.org
>
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>
> Title : SCRAM-SHA-256 and SCRAM-SHA-256-PLUS SASL Mechanisms
> Author : Tony Hansen
> Filename : draft-hansen-scram-sha256-01.txt
> Pages : 5
> Date : 2014-07-24
>
> Abstract:
> This document registers the SASL mechanisms SCRAM-SHA-256 and SCRAM-
> SHA-256-PLUS. It also updates RFC 5802 in minor ways.
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-hansen-scram-sha256/
>
> There's also a htmlized version available at:
> http://tools.ietf.org/html/draft-hansen-scram-sha256-01
>
> A diff from the previous version is available at:
> http://www.ietf.org/rfcdiff?url2=draft-hansen-scram-sha256-01
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
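
The iteration count discussed in this message reaches the client in the SCRAM server-first-message (RFC 5802), so a registered minimum only has effect where the client enforces it. The following Python is an added example, not part of the original message or the draft: it rejects a server-first-message whose count is below 4096, and spells out Hi() to show that each iteration is one more HMAC. Assumptions: `MAX_ITERATIONS` is a hypothetical local cap, the sample messages and password are constructed, and SASLprep normalization is omitted.

```python
import base64
import hashlib
import hmac

MIN_ITERATIONS = 4096       # minimum the quoted draft keeps for SCRAM-SHA-256
MAX_ITERATIONS = 1_000_000  # assumed local cap so a server cannot stall the client


def parse_server_first(msg, client_nonce):
    """Parse 'r=<nonce>,s=<base64 salt>,i=<count>' and refuse weak parameters."""
    try:
        attrs = dict(part.split("=", 1) for part in msg.split(","))
        nonce = attrs["r"]
        salt = base64.b64decode(attrs["s"], validate=True)
        count = int(attrs["i"])
    except (KeyError, ValueError) as exc:
        raise ValueError("malformed server-first-message") from exc
    if not nonce.startswith(client_nonce) or nonce == client_nonce:
        raise ValueError("server nonce does not extend the client nonce")
    if not MIN_ITERATIONS <= count <= MAX_ITERATIONS:
        raise ValueError(f"iteration count {count} outside accepted range")
    return nonce, salt, count


def hi(password, salt, count):
    """Hi() as defined in RFC 5802: PBKDF2-HMAC-SHA-256, one 32-byte block."""
    u = hmac.new(password, salt + b"\x00\x00\x00\x01", hashlib.sha256).digest()
    acc = int.from_bytes(u, "big")
    for _ in range(count - 1):          # each extra iteration is one more HMAC
        u = hmac.new(password, u, hashlib.sha256).digest()
        acc ^= int.from_bytes(u, "big")
    return acc.to_bytes(32, "big")


def derive_keys(password, salt, count):
    """Return (StoredKey, ServerKey), the values a SCRAM server stores."""
    salted = hashlib.pbkdf2_hmac("sha256", password, salt, count, dklen=32)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    return hashlib.sha256(client_key).digest(), server_key


# Constructed sample messages (not taken from the thread or the draft).
SALT_B64 = base64.b64encode(b"constructed-salt").decode()
SAMPLE_OK = f"r=clientnonceSERVERPART,s={SALT_B64},i=4096"
SAMPLE_WEAK = f"r=clientnonceSERVERPART,s={SALT_B64},i=1"
```
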