--On Wednesday, December 16, 2009 10:47:27 AM +0000 Chris Ridd <chrisridd at mac.com> wrote:
> > On 15 Dec 2009, at 19:40, Nicolas Williams wrote: > >> On Tue, Dec 15, 2009 at 07:13:36PM +0000, Chris Ridd wrote: >>> On 15 Dec 2009, at 19:07, Alan Coopersmith wrote: >>>> Alan Coopersmith wrote: >>>>> Chris Ridd wrote: >>>>>> Are there any plans to implement the new SCRAM mechanism in >>>>>> OpenSolaris? AIUI it will be mandatory in certain applications, eg >>>>>> XMPP. >>>>> >>>>> I don't suppose you could provide a reference to it, could you? >>>>> The name is very un-googlable since it's such a common word. >>>> >>>> Never mind, just after hitting send I spotted the additional word >>>> "SASL" in the subject line, which helps google narrow down the "scram" >>>> hits a lot. >>> >>> :-) >>> >>> <http://tools.ietf.org/html/draft-ietf-sasl-scram-10> >> >> There are not, no, not yet. >> >> Currently we have neither SCRAM implementation nor Solaris SASL resync >> (with Cyrus SASL) projects funded. That means that the most likely >> scenario is that we'll wait for Cyrus SASL to get it first, then resync >> it as necessary. >> >> Customer need for SCRAM is certainly a potential driver for funding. > > Alternatively, is there a community opportunity here? I do work with one > of the RFC's other authors (Alexey) who also has commit access to Cyrus > SASL. I've no idea what might be involved in the Solaris SASL resync. Sure: - Implement GS2 for Cyrus SASL - Implement the SCRAM GSS-API mechanism
