Implement SCRAM-SHA-256 SCRAM variant

XMLWordPrintableJSON

    • Type: Improvement
    • Resolution: Fixed
    • Priority: Major - P3
    • 3.7.2
    • Affects Version/s: None
    • Component/s: Security
    • None
    • Minor Change
    • Platforms 2018-02-12
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Specialize the SCRAM-SHA-1 mechanism, to provide a new mechanism supporting SCRAM-SHA-256.

      This may require adding some additional customization points to the SCRAM-SHA-1 templates.

      The server will need to expose, and the mechanism will need to consume, a scramSHA256IterationCount setParameter.

      The SCRAM-SHA-256 mechanism will need to consume ICU4C for SASLPrep normalization of usernames and passwords.

      The SCRAM-SHA-1 unittests should be generalized to test both mechanisms.

            Assignee:
            Sara Golemon (Inactive)
            Reporter:
            Spencer Jackson
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: