On 15 Dec 2009, at 19:40, Nicolas Williams wrote: > On Tue, Dec 15, 2009 at 07:13:36PM +0000, Chris Ridd wrote: >> On 15 Dec 2009, at 19:07, Alan Coopersmith wrote: >>> Alan Coopersmith wrote: >>>> Chris Ridd wrote: >>>>> Are there any plans to implement the new SCRAM mechanism in OpenSolaris? >>>>> AIUI it will be mandatory in certain applications, eg XMPP. >>>> >>>> I don't suppose you could provide a reference to it, could you? >>>> The name is very un-googlable since it's such a common word. >>> >>> Never mind, just after hitting send I spotted the additional word "SASL" >>> in the subject line, which helps google narrow down the "scram" hits a lot. >> >> :-) >> >> <http://tools.ietf.org/html/draft-ietf-sasl-scram-10> > > There are not, no, not yet. > > Currently we have neither SCRAM implementation nor Solaris SASL resync > (with Cyrus SASL) projects funded. That means that the most likely > scenario is that we'll wait for Cyrus SASL to get it first, then resync > it as necessary. > > Customer need for SCRAM is certainly a potential driver for funding.
Alternatively, is there a community opportunity here? I do work with one of the RFC's other authors (Alexey) who also has commit access to Cyrus SASL. I've no idea what might be involved in the Solaris SASL resync. > (Note that there's two ways to implement SCRAM: either as a pure SASL > mechanism, or as a GSS-API mechanism accessed as a SASL one via the > "GS2" mechanism bridge [draft-ietf-sasl-gs2]. The latter is probably > more desirable for Solaris, since it's more generic.) Interesting. I don't know what the implications of having two mechanisms might be for clients/applications. Cheers, Chris