[jdev] Seeking jabber implementers for SCRAM-SHA-1 testing
Simon Josefsson
simon at josefsson.org
Tue Nov 3 03:48:44 CST 2009
Dave Cridland <dave at cridland.net> writes:
> On Tue Nov 3 06:33:09 2009, Simon Josefsson wrote:
>> The latest release [1] of GNU SASL [2] has support for the new SASL
>> mechanism SCRAM-SHA-1 and I'm trying to find interested jabber/XMPP
>> implementers who are interested in testing how well it works in the
>> XMPP
>> protocol. Feel free to join discussions on help-gsasl at gnu.org, or
>> e-mail me privately if you prefer.
>>
>> If someone else has implemented SCRAM-SHA-1 here, I would be
>> interested
>> in performing some interop testing with my implementation.
>
> I have both an implementation of it and a suite of protocol
> implementations that use it, including XMPP. (And IMAP, ESMTP, and -
> naturally - ACAP). I added SCRAM to see how much harder it was than
> DIGEST-MD5 - it turns out to be much, much easier. It's quite
> possibly out of date WRT the spec, I did it during the last batch of
> GSSAPIisms.
We'll find out. :-)
> I believe that Alexey has the majority, at least, of a server-side
> SCRAM-SHA-1 implementation for Cyrus SASL, too.
He told me it was only SCRAM-MD5, at least some time ago.
> So in the short term, I can spin that up against whatever concrete
> server you have that'll use SCRAM-SHA-1, I think. I believe it'll do
> at least some forms of channel binding, too.
I have a public IMAP test server up and running with SCRAM-SHA-1
support. No channel binding support yet. Host 'nubb.josefsson.org',
username 'user' and password 'pencil'. See:
http://www.ietf.org/mail-archive/web/sasl/current/msg04298.html
Let me know if it does/doesn't work.
Thanks,
/Simon
More information about the JDev
mailing list