Closed Neustradamus closed 4 years ago
Can you elaborate what the issue is?
mongo-orchestration is built on top of PyMongo, which already supports SCRAM-SHA-256.
I see. I think we can remove those restrictions now. We currently restrict mongo-orchestration to PyMongo <3.6 for reasons that were resolved some time ago. 3.7 added SCRAM-SHA-256. That said, there are no known security issues with SCRAM-SHA-1. Using SHA-1 in SCRAM is not even remotely the same as signing TLS certs with SHA-1.
@behackett: Any news?
Ready for SCRAM-SHA-256 (and more)?