Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

State of Play #1

Open
Neustradamus opened this issue Jul 15, 2019 · 6 comments
Open

State of Play #1

Neustradamus opened this issue Jul 15, 2019 · 6 comments

Comments

@Neustradamus
Copy link
Collaborator

Neustradamus commented Jul 15, 2019

Welcome, this page informs you about the security, all SCRAM variants and Channel Binding (-PLUS variants) too.


Important history:

CRAM-MD5 to Historic:

RFC6331: Moving DIGEST-MD5 to Historic:

RFC8600: https://tools.ietf.org/html/rfc8600 (2019-06-21): https://mailarchive.ietf.org/arch/msg/ietf-announce/suJMmeMhuAOmGn_PJYgX5Vm8lNA
When using the SASL SCRAM mechanism, the SCRAM-SHA-256-PLUS variant SHOULD be preferred over the SCRAM-SHA-256 variant, and SHA-256 variants [RFC7677] SHOULD be preferred over SHA-1 variants [RFC5802].

But in "Best practices for password hashing and storage" expired I-D:

- EXTERNAL
- SCRAM-SHA-256-PLUS
- SCRAM-SHA-1-PLUS
- SCRAM-SHA-256
- SCRAM-SHA-1
- PLAIN

About Channel Binding (for -PLUS variants):

Some important XEPs:

Little details, to know easily:

  • tls-unique for TLS =< 1.2 (RFC5929)
  • tls-server-end-point (RFC5929)
  • tls-exporter for TLS = 1.3 (RFC9266)

After the jabber.ru MITM, Channel Binding is the solution:


SCRAM-SHA-1(-PLUS):

SCRAM-SHA-256(-PLUS):

SCRAM-SHA-512(-PLUS):

SCRAM-SHA3-512(-PLUS):

SCRAM BIS: Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms:

IMAP:

LDAP:

  • RFC5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted Challenge Response Authentication Mechanism (SCRAM) Secrets: https://tools.ietf.org/html/rfc5803 // July 2010

HTTP:

JMAP:

2FA:

IANA:

SASL2:


Article: Convert old unsecured MD5 passwords to SCRAM-SHA-256 with PostgreSQL: https://info.crunchydata.com/blog/how-to-upgrade-postgresql-passwords-to-scram

Since PostgreSQL 10, MD5 -> SCRAM-SHA-256:
SCRAM-SHA-256 has been added in PostgreSQL 10
SCRAM-SHA-256-PLUS variant (with TLS Binding) has been added in PostgreSQL 13
SCRAM-SHA-256 is selected by default in PostgreSQL 14


SCRAM-SHA-1(-PLUS) and SCRAM-SHA-256(-PLUS):

SCRAM-SHA-1 and SCRAM-SHA-256:

SCRAM-SHA-256(-PLUS):

SCRAM-SHA-256:

SCRAM-SHA-256 and SCRAM-SHA-512:

SCRAM-SHA-1, SCRAM-SHA-224, SCRAM-SHA-256, SCRAM-SHA-384, SCRAM-SHA-512 and SCRAM-SHA3-512:

SCRAM-SHA-1(-PLUS), SCRAM-SHA-224(-PLUS), SCRAM-SHA-256(-PLUS), SCRAM-SHA-384(-PLUS), SCRAM-SHA-512(-PLUS) and SCRAM-SHA3-512(-PLUS):

  • Salted Challenge Response Authentication Mechanism [SCRAM-SHA-1(-PLUS) SCRAM-SHA-224 SCRAM-SHA-256(-PLUS) SCRAM-SHA-384 SCRAM-SHA-512(-PLUS) SCRAM-SHA3-512(-PLUS)] (scram.nim): https://github.com/ba0f3/scram.nim

SCRAM-SHA-1, SCRAM-SHA-256, SCRAM-SHA-512 and SCRAM-SHA3-512:

SCRAM-SHA-1(-PLUS), SCRAM-SHA-256(-PLUS), SCRAM-SHA-512(-PLUS) and SCRAM-SHA3-512(-PLUS):

SCRAM-SHA-1, SCRAM-SHA-256 and SCRAM-SHA-512:

SCRAM-SHA-1(-PLUS), SCRAM-SHA-256(-PLUS) and SCRAM-SHA-512(-PLUS):

SCRAM-SHA-1, SCRAM-SHA-256, SCRAM-SHA-384 and SCRAM-SHA-512:

SCRAM-SHA-1, SCRAM-SHA-224, SCRAM-SHA-256, SCRAM-SHA-384 and SCRAM-SHA-512:

SCRAM-SHA-1(-PLUS), SCRAM-SHA-224(-PLUS), SCRAM-SHA-256(-PLUS), SCRAM-SHA-384(-PLUS) and SCRAM-SHA-512(-PLUS):

SCRAM-SHA-1(-PLUS), SCRAM-SHA-256(-PLUS), SCRAM-SHA-384(-PLUS) and SCRAM-SHA-512(-PLUS):

SCRAM-SHA-1, SCRAM-SHA-256(-PLUS) and SCRAM-SHA-512(-PLUS):

SCRAM-SHA-1(-PLUS):

SCRAM-SHA-1 and SCRAM-SHA-1-PLUS:

SCRAM-SHA-1:

NOTHING:

UNKNOWN:

@Neustradamus Neustradamus pinned this issue Jul 15, 2019
@scram-sasl scram-sasl deleted a comment from FuNNyGaYz69 Mar 30, 2024
@MarkPhubet
Copy link

Good

@wneessen
Copy link

wneessen commented Oct 1, 2024

Based on go-gomail/gomail#198 (the project is not maintained anymore), I've created wneessen/go-mail#242 for the go-mail project. The PR is currently in review and expected to be merged into main during this week.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

4 participants
@Neustradamus @wneessen @MarkPhubet and others