RFC 7804

Salted Challenge Response HTTP Authentication Mechanism, March 2016

File formats:
icon for text file icon for PDF icon for HTML
Status:
EXPERIMENTAL
Author:
A. Melnikov
Stream:
IETF
Source:
httpauth (sec)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC7804

Discuss this RFC: Send questions or comments to the mailing list ietf-http-wg@w3.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 7804


Abstract

This specification describes a family of HTTP authentication mechanisms called the Salted Challenge Response Authentication Mechanism (SCRAM), which provides a more robust authentication mechanism than a plaintext password protected by Transport Layer Security (TLS) and avoids the deployment obstacles presented by earlier TLS-protected challenge response authentication mechanisms.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.




Advanced Search