RFC 5054, "Using the Secure Remote Password (SRP) Protocol for TLS Authentication", November 2007
Source of RFC: tls (sec)
See Also: RFC 5054 w/ inline errata
Errata ID: 7538
Publication Format(s) : TEXT
Reported By: Mingye Wang
Date Reported: 2023-06-07
Verifier Name: Paul Wouters
Date Verified: 2023-10-11
Section 2.1 says:
The version of SRP used here is sometimes referred to as "SRP-6" [SRP-6].
It should say:
The version of SRP used here is sometimes referred to as "SRP-6a" [SRP-6a].

[SRP-6a]: Wu, T., "SRP Protocol Design", circa 2005, http://srp.stanford.edu/design.html
The protocol described uses a non-constant k, which is an innovation of SRP-6a -- never published formally in a technical report (until this RFC) and dating to ~2005 if we go by the libsrp version history. Actual [SRP-6] of 2002 uses a constant k = 3.
Reference to the [SRP-6] text is still valuable for rationale, but is not accurate. Confusion between these two versions is harmful and may impede interoperability.
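
The interoperability point can be checked directly. The following is an added example, not part of the erratum or of RFC 5054: it computes the SRP-6a multiplier as RFC 5054 section 2.6 defines it, k = SHA1(N | PAD(g)), and shows that a peer using the SRP-6 constant k = 3 derives a different premaster secret. The credentials, salt and ephemeral values are constructed; only k is varied, and every other formula follows RFC 5054.

```python
import hashlib

# 1024-bit group from RFC 5054 Appendix A; the generator is 2.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8   # byte length of N, used by PAD()

K_SRP6 = 3  # constant multiplier of the 2002 SRP-6 design


def sha1_int(*parts: bytes) -> int:
    return int.from_bytes(hashlib.sha1(b"".join(parts)).digest(), "big")


def pad(n: int) -> bytes:
    """PAD(): left-pad with zero bytes to the length of N."""
    return n.to_bytes(NLEN, "big")


def k_srp6a() -> int:
    """SRP-6a multiplier as used by RFC 5054: k = SHA1(N | PAD(g))."""
    return sha1_int(pad(N), pad(g))


def premaster_secrets(k_client: int, k_server: int):
    """Run one exchange; return (client_secret, server_secret)."""
    # Constructed sample values, not taken from the RFC test vectors.
    user, password = b"alice", b"correct horse battery"
    salt = bytes.fromhex("00112233445566778899aabbccddeeff")
    a = int.from_bytes(hashlib.sha256(b"client ephemeral").digest(), "big")
    b = int.from_bytes(hashlib.sha256(b"server ephemeral").digest(), "big")

    # x = SHA1(s | SHA1(I | ":" | P)); the verifier v is stored by the server.
    x = sha1_int(salt, hashlib.sha1(user + b":" + password).digest())
    v = pow(g, x, N)

    A = pow(g, a, N)                          # client public value
    B = (k_server * v + pow(g, b, N)) % N     # server public value uses k
    u = sha1_int(pad(A), pad(B))

    # The client must remove the same k*v term the server added.
    client = pow((B - k_client * pow(g, x, N)) % N, a + u * x, N)
    server = pow(A * pow(v, u, N) % N, b, N)
    return client, server
```

Both sides agree when they use the same k, whichever it is; a client built against [SRP-6] talking to an RFC 5054 server fails at the Finished check because the premaster secrets differ.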