SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple Authentication and Security Layer Mechanisms
RFC 7677, “SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple Authentication and Security Layer Mechanisms”, is a Proposed Standard document published in November 2015 by T. Hansen. It updates RFC 5802. It has since been updated by RFC 9266. The canonical text is published by the RFC Editor.
Abstract
This document registers the Simple Authentication and Security Layer (SASL) mechanisms SCRAM-SHA-256 and SCRAM-SHA-256-PLUS, provides guidance for secure implementation of the original SCRAM-SHA-1-PLUS mechanism, and updates the SCRAM registration procedures of RFC 5802.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 7677 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 7676 IPv6 Support for Generic Routing Encapsulation
- RFC 7678 Attribute-Value Pairs for Provisioning Customer Equipment Supporting IPv4-Over-IPv6 Transitional Solutions
- RFC 7675 Session Traversal Utilities for NAT Usage for Consent Freshness
- RFC 7674 Clarification of the Flowspec Redirect Extended Community
- RFC 7681 Email Exchange of Secondary School Transcripts
- RFC 7673 Using DNS-Based Authentication of Named Entities TLSA Records with SRV Records
- RFC 7682 Considerations for Internet Routing Registries and Routing Policy Configuration
- RFC 7672 SMTP Security via Opportunistic DNS-Based Authentication of Named Entities Transport Layer Security