[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [xmpp] SCRAM as MTI?

From: Peter Saint-Andre <stpeter at stpeter.im>
To: Simon Josefsson <simon at josefsson.org>
Cc: XMPP <xmpp at ietf.org>
Date: Tue, 15 Sep 2009 07:54:36 -0600
In-reply-to: <87eiq8pi5p.fsf at mocca.josefsson.org>
References: <4AAE6984.8040201 at stpeter.im> <87eiq8pi5p.fsf at mocca.josefsson.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 9/15/09 5:21 AM, Simon Josefsson wrote:
> Peter Saint-Andre <stpeter at stpeter.im> writes:
> 
>> The SASL SCRAM mechanism is currently in IETF Last Call:
>>
>> http://www.ietf.org/internet-drafts/draft-ietf-sasl-scram-07.txt
>>
>> This mechanism is intended to replace DIGEST-MD5. Does it make sense for
>> the XMPP WG to specify SCRAM as mandatory-to-implement?
> 
> Yes. (although I'm not a XMPP implementer)
> 
> Did XMPP make use of DIGEST-MD5 security layers, in theory
> (specification) 

In theory, yes (by inheritance from RFC 2831).

> and in practice (implementations)?

Not in practice as far as I know.

Peter

- --
Peter Saint-Andre
https://stpeter.im/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkqvnJwACgkQNL8k5A2w/vxlqQCg2J52oTA8NqmpDZ+v5yH6T+tt
T4MAoN7c4+8od+XKRvxfHEnQjeSu5qbW
=GkXC
-----END PGP SIGNATURE-----

References:
- [xmpp] SCRAM as MTI?
  - From: Peter Saint-Andre
- Re: [xmpp] SCRAM as MTI?
  - From: Simon Josefsson

Prev by Date: Re: [xmpp] SCRAM as MTI?
Next by Date: Re: [xmpp] SCRAM as MTI?
Previous by thread: Re: [xmpp] SCRAM as MTI?
Next by thread: Re: [xmpp] SCRAM as MTI?
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.