[exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Met…

Top Page
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
Old-Topics: [exim-dev] [Bug 2349] New: Add SCRAM-SHA-1/256 Authentication Methods in Client mode
Subject: [exim-dev] [Bug 2349] Add SCRAM-SHA-1/256 Authentication Methods in Client mode
https://bugs.exim.org/show_bug.cgi?id=2349

--- Comment #5 from Jeremy Harris <jgh146exb@???> ---
I'm not aware of anybody having the time and enthusiasm to work on it.
It's not only doing the programming, it's having the independent
implementations
to test against, and working out what (and how) to set up in the Exim testsuite
as regression-tests.
As Phil implies: volunteers needed.
Even without the testsuite work, we might well accept offered patches as
"experimental" features (included in the released sourcecode, but not built
except by explicit action of someone working from sourcecode, and not
documented
to the normal standard).


The current cyrus-sasl driver has no client-side support at all, but
at least that means a mostly-clean slate to start from.

The library used for server-side SCRAM-SHA1(-PLUS), via the gsasl driver,
does not appear to support any of the sha2 variants; somewhat of an
implementation barrier via that route.

I do note that Dovecot supports SCRAM-SHA-1
(
https://doc.dovecot.org/configuration_manual/authentication/authentication_mechanisms/
)
so that might be a route to getting the client-side for it.

--
You are receiving this mail because:
You are on the CC list for the bug.