Support for SCRAM #14

Open
Zash opened this issue Nov 6, 2019 · 5 comments

@Zash
Zash commented Nov 6, 2019

RFC 5802: Salted Challenge Response Authentication Mechanism

Has nice properties such as:

  • Authentication via exchange of salted hashes
  • Allows storage of hashed credentials on the server
  • Allows storage of hashed credentials on the client
  • Password stretched into a key with PBKDF2
  • Mutual authentication (obvious to the client if the server doesn't have their part of the stored hashes)
  • Support for channel binding (fails loudly in case of MITM)
  • Relatively easy to implement (you get pretty far by just copypasting the BNF from the overview section)

Supported by Dovecot. Widely used in the XMPP ecosystem.
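
An added example, not part of the comment above and not this project's code: the salted-hash exchange and mutual authentication that the list describes, run over the example messages from RFC 5802 section 5 (SCRAM-SHA-1, user "user", password "pencil"). The function names are assumptions made for this sketch.

```python
import base64
import hashlib
import hmac

def derive_keys(password, salt, iterations, hash_name="sha1"):
    """Return (client_key, stored_key, server_key) as defined in RFC 5802 section 3."""
    # SaltedPassword := Hi(password, salt, i), which is PBKDF2 with HMAC as the PRF.
    salted = hashlib.pbkdf2_hmac(hash_name, password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hash_name).digest()
    stored_key = hashlib.new(hash_name, client_key).digest()
    server_key = hmac.new(salted, b"Server Key", hash_name).digest()
    return client_key, stored_key, server_key

def client_proof(client_key, stored_key, auth_message, hash_name="sha1"):
    """ClientProof := ClientKey XOR HMAC(StoredKey, AuthMessage)."""
    sig = hmac.new(stored_key, auth_message, hash_name).digest()
    return bytes(a ^ b for a, b in zip(client_key, sig))

def server_verify(stored_key, auth_message, proof, hash_name="sha1"):
    """Server side: recover ClientKey from the proof and compare its hash to StoredKey."""
    sig = hmac.new(stored_key, auth_message, hash_name).digest()
    if len(proof) != len(sig):
        return False
    recovered = bytes(a ^ b for a, b in zip(proof, sig))
    return hmac.compare_digest(hashlib.new(hash_name, recovered).digest(), stored_key)

def server_signature(server_key, auth_message, hash_name="sha1"):
    """ServerSignature := HMAC(ServerKey, AuthMessage); the client checks this value."""
    return hmac.new(server_key, auth_message, hash_name).digest()

# Example exchange from RFC 5802 section 5 (user "user", password "pencil").
CLIENT_FIRST_BARE = "n=user,r=fyko+d2lbbFgONRv9qkxdawL"
SERVER_FIRST = "r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,s=QSXCR+Q6sek8bf92,i=4096"
# c=biws is base64("n,,"): the GS2 header saying no channel binding is in use.
CLIENT_FINAL_NO_PROOF = "c=biws,r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j"
AUTH_MESSAGE = ",".join([CLIENT_FIRST_BARE, SERVER_FIRST, CLIENT_FINAL_NO_PROOF]).encode()

def run_exchange(password):
    """Return (proof_b64, server_accepts, server_sig_b64) for the RFC messages."""
    salt = base64.b64decode("QSXCR+Q6sek8bf92")
    # The server keeps only salt, iteration count, StoredKey and ServerKey.
    _, stored_key, server_key = derive_keys("pencil", salt, 4096)
    # The client derives its keys from whatever password the user typed.
    ck, sk, _ = derive_keys(password, salt, 4096)
    proof = client_proof(ck, sk, AUTH_MESSAGE)
    ok = server_verify(stored_key, AUTH_MESSAGE, proof)
    sig = server_signature(server_key, AUTH_MESSAGE)
    return base64.b64encode(proof).decode(), ok, base64.b64encode(sig).decode()
```

The client completes mutual authentication by comparing the `v=` value it receives with the ServerSignature it computes itself from the same AuthMessage; passing `hash_name="sha256"` gives the SCRAM-SHA-256 computation.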

@Neustradamus
@emersion: I wish you a Happy New Year 2022!

Any news on it?

Linked to:

@emersion
Owner

I have no plans to work on this. Pull requests may be accepted.

@pfr-dev
pfr-dev commented Oct 18, 2024

I was about to open a new issue, but it seems I need to bump this one.

I've raised an issue over at https://todo.sr.ht/~rjarry/aerc/282#event-391370

Support for SCRAM would be greatly appreciated.

@rjarry can you assist with the PR?

@emersion
Owner

Note that this issue is about SCRAM, not about DIGEST-MD5 nor CRAM-MD5. The latter are not only historic/deprecated but also insecure and I will not accept a patch for these.

@pfr-dev
pfr-dev commented Oct 19, 2024

If SCRAM-SHA-256 is going to be supported perhaps I could convince the SDF admins to adopt this standard over the deprecated CRAM-MD5.
