RFC 7804

Salted Challenge Response HTTP Authentication Mechanism, March 2016

Canonical URL:
https://www.rfc-editor.org/rfc/rfc7804.txt
File formats:
Plain TextPDF
Status:
EXPERIMENTAL
Author:
A. Melnikov
Stream:
IETF
Source:
httpauth (sec)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC7804

Discuss this RFC: Send questions or comments to http-auth@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This specification describes a family of HTTP authentication mechanisms called the Salted Challenge Response Authentication Mechanism (SCRAM), which provides a more robust authentication mechanism than a plaintext password protected by Transport Layer Security (TLS) and avoids the deployment obstacles presented by earlier TLS-protected challenge response authentication mechanisms.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader