Home > mailing lists

Re: [HACKERS] On-disk format of SCRAM verifiers - Mailing list pgsql-hackers

From	Heikki Linnakangas
Subject	Re: [HACKERS] On-disk format of SCRAM verifiers
Date	April 22, 2017 01:55:38
Msg-id	44c0cba4-3f06-6c9e-1a98-1bb9621fbec5@iki.fi Whole thread Raw
In response to	Re: [HACKERS] On-disk format of SCRAM verifiers (Simon Riggs <simon@2ndquadrant.com>)
List	pgsql-hackers

Tree view

On 04/21/2017 05:33 PM, Simon Riggs wrote:
> On 21 April 2017 at 14:42, Heikki Linnakangas <hlinnaka@iki.fi> wrote:
>
>>>>> SCRAM-SHA-256$<iteration count>:<salt>$<StoredKey>:<ServerKey>
>>>>
>>>> Could you explain where you are looking? I don't see that in RFC5803
>>>
>> >From 1.  Overview:
>>
>> Yeah, it's not easy to see, I missed it earlier too. You have to look at RFC 5803 and RFC 3112 together. RFC 3112
saysthat the overall format is "<scheme>$<authInfo>$<authValue>", and RFC5803 says that for SCRAM, scheme is
"SCRAM-SHA-256"(for our variant), authInfo is "<iteration count>:<salt>" and authValue is "<StoredKey>:<ServerKey>"
 
>>
>> They really should've included examples in those RFCs.
>
> Thanks
>
> +1 for change

Committed, thanks.

- Heikki

pgsql-hackers by date:

From: Peter Eisentraut
Date: 22 April 2017, 01:55:01
Subject: Re: [HACKERS] Old versions of Test::More

From: Heikki Linnakangas
Date: 22 April 2017, 02:04:14
Subject: Re: [HACKERS] scram and \password

Re: [HACKERS] On-disk format of SCRAM verifiers - Mailing list pgsql-hackers

Previous

Next