Salted Challenge Response HTTP Authentication Mechanism, March 2016
- Canonical URL:
- File formats:
- A. Melnikov
- httpauth (sec)
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
This specification describes a family of HTTP authentication mechanisms called the Salted Challenge Response Authentication Mechanism (SCRAM), which provides a more robust authentication mechanism than a plaintext password protected by Transport Layer Security (TLS) and avoids the deployment obstacles presented by earlier TLS-protected challenge response authentication mechanisms.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 4844.