SCRAM is not a mechanism to hide the password from the server operator. Its a mechanism to make it possible for the server operator to NOT store the password after getting it.
Regards Philipp Am Do., 24. Jan. 2019 um 16:51 Uhr schrieb Evgeny <xramt...@gmail.com>: > On Thu, Jan 24, 2019 at 6:39 PM, Florian Schmaus <f...@geekplace.eu> > wrote: > > I am not sure if the XSF is the right venue > > Well, some people cite RFC 6120, as I understand, section 13.8.1, > which requires, among others, to support SCRAM-SHA1-PLUS. So > XSF responsibility cannot be completely ruled out. > > _______________________________________________ > Standards mailing list > Info: https://mail.jabber.org/mailman/listinfo/standards > Unsubscribe: standards-unsubscr...@xmpp.org > _______________________________________________ >
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________