Re: MD5 authentication needs help -SCRAM

At 2015-03-09 13:52:10 +0200, hlinnaka@iki.fi wrote:
>
> Do you have any insight on why the IETF working group didn't choose a
> PAKE protocol instead of or in addition to SCRAM, when SCRAM was
> standardized?

Hi Heikki.

It was a long time ago, but I recall that SRP was patent-encumbered:

https://datatracker.ietf.org/ipr/search/?rfc=2945&submit=rfc

The Wikipedia page says the relevant patents expired in 2011 and 2013.
I haven't followed SRP development since then, maybe it's been revised.

When SCRAM was being discussed, I can't recall any other proposals for
PAKE protocols. Besides, as you may already know, anyone can submit an
internet-draft about anything. It needs to gain general support for an
extended period in order to advance through the standards process.

Could you please explain what exactly you mean about a SCRAM
eavesdropper gaining some advantage in being able to mount a
dictionary attack? I didn't follow that part.

-- Abhijit