[kitten] Fwd: I-D Action: draft-hansen-scram-sha256-01.txt

Tony Hansen <tony@att.com> Thu, 24 July 2014 22:57 UTC

Return-Path: <tony@att.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 03F2D1A04F1 for <kitten@ietfa.amsl.com>; Thu, 24 Jul 2014 15:57:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZcXB8dg64lah for <kitten@ietfa.amsl.com>; Thu, 24 Jul 2014 15:57:55 -0700 (PDT)
Received: from egssmtp02.att.com (egssmtp02.att.com [144.160.128.166]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 58E6E1A041D for <kitten@ietf.org>; Thu, 24 Jul 2014 15:57:55 -0700 (PDT)
Received: from dns.maillennium.att.com (maillennium.att.com [135.25.114.99]) by egssmtp02.att.com ( EGS R6 8.14.5 TLS/8.14.5) with ESMTP id s6OMvsBu024726 for <kitten@ietf.org>; Thu, 24 Jul 2014 15:57:55 -0700
Received: from vpn-135-70-98-163.vpn.swst.att.com ([135.70.98.163]) by maillennium.att.com (mailgw1) with ESMTP id <20140724225753gw100j0cmee>; Thu, 24 Jul 2014 22:57:53 +0000
X-Originating-IP: [135.70.98.163]
Message-ID: <53D18F6F.1060204@att.com>
Date: Thu, 24 Jul 2014 18:57:51 -0400
From: Tony Hansen <tony@att.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: kitten@ietf.org
References: <20140724224956.3620.25084.idtracker@ietfa.amsl.com>
In-Reply-To: <20140724224956.3620.25084.idtracker@ietfa.amsl.com>
X-Forwarded-Message-Id: <20140724224956.3620.25084.idtracker@ietfa.amsl.com>
Content-Type: multipart/alternative; boundary="------------050309010005030101000208"
Archived-At: http://mailarchive.ietf.org/arch/msg/kitten/nVX3F6c7urilFSOkWZ5UDEVH2EY
Subject: [kitten] Fwd: I-D Action: draft-hansen-scram-sha256-01.txt
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jul 2014 22:57:57 -0000

I just posted this update to the document I circulated back in April, 
registering SCRAM-SHA-256 as a SASL mechanism.

I added Minimum iteration-count and OID to the registration form for 
SCRAM-* registrations.

I kept the minimum iteration count for SCRAM-SHA-256 set at 4096. This 
should probably be discussed further.

One question I have for this: would it be worth change SCRAM 
registrations to Expert Review in place of IETF review?

There was discussion in the HTTPAUTH working group this morning, asking 
about the use of SHA2 as an HTTP mechanism instead of the SHA1 being 
discussed in Alexey's draft.

An open question is whether this could/should become a working group 
draft. I am happy with it being handled either that way or keeping it an 
individual AD-sponsored draft. (I've already spoken with Steven and 
Kathleen about that possibility.)

     Tony Hansen

-------- Original Message --------
Subject: 	I-D Action: draft-hansen-scram-sha256-01.txt
Date: 	Thu, 24 Jul 2014 15:49:56 -0700
From: 	internet-drafts@ietf.org
Reply-To: 	internet-drafts@ietf.org
To: 	i-d-announce@ietf.org



A New Internet-Draft is available from the on-line Internet-Drafts directories.


         Title           : SCRAM-SHA-256 and SCRAM-SHA-256-PLUS SASL Mechanisms
         Author          : Tony Hansen
	Filename        : draft-hansen-scram-sha256-01.txt
	Pages           : 5
	Date            : 2014-07-24

Abstract:
    This document registers the SASL mechanisms SCRAM-SHA-256 and SCRAM-
    SHA-256-PLUS.  It also updates RFC 5802 in minor ways.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-hansen-scram-sha256/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-hansen-scram-sha256-01

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-hansen-scram-sha256-01


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/