On 15 Dec 2009, at 19:40, Nicolas Williams wrote:

> On Tue, Dec 15, 2009 at 07:13:36PM +0000, Chris Ridd wrote:
>> On 15 Dec 2009, at 19:07, Alan Coopersmith wrote:
>>> Alan Coopersmith wrote:
>>>> Chris Ridd wrote:
>>>>> Are there any plans to implement the new SCRAM mechanism in OpenSolaris? 
>>>>> AIUI it will be mandatory in certain applications, eg XMPP.
>>>> 
>>>> I don't suppose you could provide a reference to it, could you?
>>>> The name is very un-googlable since it's such a common word.
>>> 
>>> Never mind, just after hitting send I spotted the additional word "SASL"
>>> in the subject line, which helps google narrow down the "scram" hits a lot.
>> 
>> :-)
>> 
>> <http://tools.ietf.org/html/draft-ietf-sasl-scram-10>
> 
> There are not, no, not yet.
> 
> Currently we have neither SCRAM implementation nor Solaris SASL resync
> (with Cyrus SASL) projects funded.  That means that the most likely
> scenario is that we'll wait for Cyrus SASL to get it first, then resync
> it as necessary.
> 
> Customer need for SCRAM is certainly a potential driver for funding.

Alternatively, is there a community opportunity here? I do work with one of the 
RFC's other authors (Alexey) who also has commit access to Cyrus SASL. I've no 
idea what might be involved in the Solaris SASL resync.

> (Note that there's two ways to implement SCRAM: either as a pure SASL
> mechanism, or as a GSS-API mechanism accessed as a SASL one via the
> "GS2" mechanism bridge [draft-ietf-sasl-gs2].  The latter is probably
> more desirable for Solaris, since it's more generic.)

Interesting. I don't know what the implications of having two mechanisms might 
be for clients/applications.

Cheers,

Chris

Reply via email to