[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SCRAM-SHA-1 interop
From: |
Simon Josefsson |
Subject: |
SCRAM-SHA-1 interop |
Date: |
Fri, 19 Feb 2010 15:13:17 +0100 |
User-agent: |
Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) |
FYI, I've just completed interop testing of the GNU SASL SCRAM-SHA-1
server against Alexey Melnikov's implementation for Cyrus SASL, and we
didn't discover any issue on the GNU SASL side. We'll try to test the
client side of GNU SASL against a Cyrus SASL based server later.
During discussion I realized two things that we may want to improve in
GNU SASL:
* Reject too low iteration counts on the client side
(Alexey rejects < 4096)
* Reject too high iteration counts on the client side
(for DoS protection)
/Simon
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- SCRAM-SHA-1 interop,
Simon Josefsson <=