Dear Zammad team,
20 November 2008: CRAM-MD5 to Historic:
29 June 2017: CRAM-MD5 to Historic:
July 2011: RFC6331: Moving DIGEST-MD5 to Historic:
August 2021: RFC9051: Internet Message Access Protocol (IMAP) - Version 4rev2:
“Replaced DIGEST-MD5 SASL mechanism with SCRAM-SHA-256. DIGEST-MD5 was deprecated.”
I add same about SCRAM-MD5.
There are now:
- July 2010: RFC5802: Salted Challenge Response Authentication Mechanism (SCRAM): SASL and GSS-API Mechanisms: RFC 5802: Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms (SCRAM-SHA-1 and SCRAM-SHA-1-PLUS)
- July 2010: RFC5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted: Challenge Response Authentication Mechanism (SCRAM) Secrets: RFC 5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted Challenge Response Authentication Mechanism (SCRAM) Secrets
- November 2015: RFC7677: SCRAM-SHA-256 and SCRAM-SHA-256-PLUS: Simple Authentication and Security Layer (SASL) Mechanisms: RFC 7677: SCRAM-SHA-256 and SCRAM-SHA-256-PLUS Simple Authentication and Security Layer (SASL) Mechanisms
Soon:
- SCRAM-SHA-512(-PLUS): draft-melnikov-scram-sha-512-02
- SCRAM-SHA3-512(-PLUS): draft-melnikov-scram-sha3-512-02