[kitten] Fwd: I-D Action: draft-hansen-scram-sha256-01.txt
Tony Hansen <tony@att.com> Thu, 24 July 2014 22:57 UTC
Return-Path: <tony@att.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 03F2D1A04F1 for <kitten@ietfa.amsl.com>; Thu, 24 Jul 2014 15:57:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZcXB8dg64lah for <kitten@ietfa.amsl.com>; Thu, 24 Jul 2014 15:57:55 -0700 (PDT)
Received: from egssmtp02.att.com (egssmtp02.att.com [144.160.128.166]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 58E6E1A041D for <kitten@ietf.org>; Thu, 24 Jul 2014 15:57:55 -0700 (PDT)
Received: from dns.maillennium.att.com (maillennium.att.com [135.25.114.99]) by egssmtp02.att.com ( EGS R6 8.14.5 TLS/8.14.5) with ESMTP id s6OMvsBu024726 for <kitten@ietf.org>; Thu, 24 Jul 2014 15:57:55 -0700
Received: from vpn-135-70-98-163.vpn.swst.att.com ([135.70.98.163]) by maillennium.att.com (mailgw1) with ESMTP id <20140724225753gw100j0cmee>; Thu, 24 Jul 2014 22:57:53 +0000
X-Originating-IP: [135.70.98.163]
Message-ID: <53D18F6F.1060204@att.com>
Date: Thu, 24 Jul 2014 18:57:51 -0400
From: Tony Hansen <tony@att.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: kitten@ietf.org
References: <20140724224956.3620.25084.idtracker@ietfa.amsl.com>
In-Reply-To: <20140724224956.3620.25084.idtracker@ietfa.amsl.com>
X-Forwarded-Message-Id: <20140724224956.3620.25084.idtracker@ietfa.amsl.com>
Content-Type: multipart/alternative; boundary="------------050309010005030101000208"
Archived-At: http://mailarchive.ietf.org/arch/msg/kitten/nVX3F6c7urilFSOkWZ5UDEVH2EY
Subject: [kitten] Fwd: I-D Action: draft-hansen-scram-sha256-01.txt
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jul 2014 22:57:57 -0000
I just posted this update to the document I circulated back in April, registering SCRAM-SHA-256 as a SASL mechanism. I added Minimum iteration-count and OID to the registration form for SCRAM-* registrations. I kept the minimum iteration count for SCRAM-SHA-256 set at 4096. This should probably be discussed further. One question I have for this: would it be worth change SCRAM registrations to Expert Review in place of IETF review? There was discussion in the HTTPAUTH working group this morning, asking about the use of SHA2 as an HTTP mechanism instead of the SHA1 being discussed in Alexey's draft. An open question is whether this could/should become a working group draft. I am happy with it being handled either that way or keeping it an individual AD-sponsored draft. (I've already spoken with Steven and Kathleen about that possibility.) Tony Hansen -------- Original Message -------- Subject: I-D Action: draft-hansen-scram-sha256-01.txt Date: Thu, 24 Jul 2014 15:49:56 -0700 From: internet-drafts@ietf.org Reply-To: internet-drafts@ietf.org To: i-d-announce@ietf.org A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : SCRAM-SHA-256 and SCRAM-SHA-256-PLUS SASL Mechanisms Author : Tony Hansen Filename : draft-hansen-scram-sha256-01.txt Pages : 5 Date : 2014-07-24 Abstract: This document registers the SASL mechanisms SCRAM-SHA-256 and SCRAM- SHA-256-PLUS. It also updates RFC 5802 in minor ways. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-hansen-scram-sha256/ There's also a htmlized version available at: http://tools.ietf.org/html/draft-hansen-scram-sha256-01 A diff from the previous version is available at: http://www.ietf.org/rfcdiff?url2=draft-hansen-scram-sha256-01 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/
- [kitten] Fwd: I-D Action: draft-hansen-scram-sha2… Tony Hansen
- Re: [kitten] Fwd: I-D Action: draft-hansen-scram-… Shawn M Emery
- Re: [kitten] Fwd: I-D Action: draft-hansen-scram-… Russ Allbery
- Re: [kitten] Fwd: I-D Action: draft-hansen-scram-… Tony Hansen
- Re: [kitten] Fwd: I-D Action: draft-hansen-scram-… Simon Josefsson
- [kitten] draft-hansen-scram-sha256-02 posted Tony Hansen
- Re: [kitten] draft-hansen-scram-sha256-02 posted Alexey Melnikov
- Re: [kitten] draft-hansen-scram-sha256-02 posted Tony Hansen