[Standards] SASL's DIGEST-MD5: host or domain?

Dave Cridland dave at cridland.net
Tue Aug 16 14:09:00 UTC 2016


On 16 August 2016 at 14:09, Kurt Zeilenga <kurt.zeilenga at isode.com> wrote:
>
>> On Aug 16, 2016, at 5:41 AM, Guus der Kinderen <guus.der.kinderen at gmail.com> wrote:
>>
>> Interoperability problems galore!
>
> Welcome to DIGEST-MD5!
>
> I recommend avoiding this mechanism.  Use SCRAM instead (preferably PLUS channel bindings) instead.
>

Openfire does offer SCRAM, sans -PLUS due to the missing bits of the TLS API.

But not everything can use SCRAM, and since DIGEST was the MTI for
many years, there's a large deployed base we cannot easily wish away
(including anything-but-latest Spark, when it's not doing GSSAPI).

> -- Kurt
> _______________________________________________
> Standards mailing list
> Info: http://mail.jabber.org/mailman/listinfo/standards
> Unsubscribe: Standards-unsubscribe at xmpp.org
> _______________________________________________
>


More information about the Standards mailing list