adding some sha mechanisms

[brong]

From: david.maciejak@gmail.com
Bugzilla-Id: 3373
Version: 2.1.x
Owner: Ken Murchison

[brong]

From:

Hi,

I am wondering why sasl lib does not use more sha1 like algo in its plugins (for example for cram-sha1 or digest-sha1), thus cyrus-imapd could be able to handle more auth mechanisms (you may know that courier-imapd authlib is aware of cram-sha1 and cram-sha256). I know RFC 4422 is only talking about digest-md5 and cram-md5, is it why it s not implemented in sasl lib ?
I could contribute some code if you want.

Regards,
david

[brong]

From: Alexey Melnikov

CRAM-SHA1 and CRAM-SHA256 are not documented and I haven't heard much about them being deployed. But anyway, it is not worth implementing any new version of CRAM-* or DIGEST-*. SCRAM-SHA1 has replaced both of these and it is using SHA1.

[brong]

Closing: was RESOLVED in import

[Neustradamus]

@brong, @ksmurchison: There is a problem of priority for SCRAM-SHA-256 and SCRAM-SHA-1:

• Prioritize SCRAM-SHA-256 over SCRAM-SHA-1 #577

Any news for other points?

• Add SCRAM-SHA-1-PLUS, SCRAM-SHA-224-PLUS, SCRAM-SHA-256-PLUS, SCRAM-SHA-384-PLUS, SCRAM-SHA-512-PLUS, SCRAM-SHA3-512(-PLUS) supports #552

It is easy to add -PLUS part, no?

Documentation problems:

• There is a problem in documentations, please update documentations #549