UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 7677

SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple Authentication and Security Layer (SASL) Mechanisms

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 November 2015
Status: active
Page Count: 8
scope:

This document registers the Simple Authentication and Security Layer (SASL) mechanisms SCRAM-SHA-256 and SCRAM-SHA-256-PLUS, provides guidance for secure implementation of the original SCRAM-SHA-1-PLUS mechanism, and updates the SCRAM registration procedures of RFC 5802.

Document History

IETF RFC 7677
November 1, 2015
SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple Authentication and Security Layer (SASL) Mechanisms
This document registers the Simple Authentication and Security Layer (SASL) mechanisms SCRAM-SHA-256 and SCRAM-SHA-256-PLUS, provides guidance for secure implementation of the original...

References

This document references:
IETF RFC 4422 - Simple Authentication and Security Layer (SASL)
Published by IETF on June 1, 2006
The Simple Authentication and Security Layer (SASL) is a framework for providing authentication and data security services in connection-oriented protocols via replaceable mechanisms. It provides a...
This document references:
IETF RFC 7627 - Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
Published by IETF on September 1, 2015
The Transport Layer Security (TLS) master secret is not cryptographically bound to important session parameters such as the server certificate. Consequently, it is possible for an active attacker to...
This document is referenced by:
IETF RFC 8600 - Using Extensible Messaging and Presence Protocol (XMPP) for Security Information Exchange
Published by IETF on June 1, 2019
This document describes how to use the Extensible Messaging and Presence Protocol (XMPP) to collect and distribute security incident reports and other security-relevant information between...
This document is referenced by:
IETF RFC 8621 - The JSON Meta Application Protocol (JMAP) for Mail
Published by IETF on August 1, 2019
Abstract This document specifies a data model for synchronising email data with a server using the JSON Meta Application Protocol (JMAP). Clients can use this to efficiently search, access, organise,...
This document is superseded by:
RFC 9266 - Channel Bindings for TLS 1.3
Published by IETF on July 1, 2022
Abstract This document defines a channel binding type, tls-exporter, that is compatible with TLS 1.3 in accordance with RFC 5056, "On the Use of Channel Bindings to Secure Channels". Furthermore, it...
This document is superseded by:
RFC 9266 - Channel Bindings for TLS 1.3
Published by IETF on July 1, 2022
Abstract This document defines a channel binding type, tls-exporter, that is compatible with TLS 1.3 in accordance with RFC 5056, "On the Use of Channel Bindings to Secure Channels". Furthermore, it...
View Less
View All
Advertisement