Salted Challenge Response HTTP Authentication Mechanism
RFC 7804, “Salted Challenge Response HTTP Authentication Mechanism”, is an Experimental document published in March 2016 by A. Melnikov. The canonical text is published by the RFC Editor.
Abstract
This specification describes a family of HTTP authentication mechanisms called the Salted Challenge Response Authentication Mechanism (SCRAM), which provides a more robust authentication mechanism than a plaintext password protected by Transport Layer Security (TLS) and avoids the deployment obstacles presented by earlier TLS-protected challenge response authentication mechanisms.
What “Experimental” means
Describes a specification that is part of a research or development effort, published so the community can gain experience with it.
The canonical text of RFC 7804 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 7803 Changing the Registration Policy for the NETCONF Capability URNs Registry
- RFC 7805 Moving Outdated TCP Extensions and TCP-Related Documents to Historic or Informational Status
- RFC 7802 A Pseudo-Random Function for the Kerberos V Generic Security Service Application Program Interface Mechanism
- RFC 7806 On Queuing, Marking, and Dropping
- RFC 7801 GOST R 34.12-2015: Block Cipher "Kuznyechik"
- RFC 7807 Problem Details for HTTP APIs
- RFC 7800 Proof-of-Possession Key Semantics for JSON Web Tokens
- RFC 7808 Time Zone Data Distribution Service