RFC6331: Moving DIGEST-MD5 to Historic

[Neustradamus]

Dear @dinhvh,

31 August 2006: RFC4616: The PLAIN Simple Authentication and Security Layer (SASL) Mechanism:

• https://datatracker.ietf.org/doc/html/rfc4616

20 November 2008: CRAM-MD5 to Historic:

• https://tools.ietf.org/html/draft-ietf-sasl-crammd5-to-historic-00

29 June 2017: CRAM-MD5 to Historic:

• https://tools.ietf.org/html/draft-zeilenga-luis140219-crammd5-to-historic-00

July 2011: RFC6331: Moving DIGEST-MD5 to Historic:

• https://tools.ietf.org/html/rfc6331

August 2021: RFC9051: Internet Message Access Protocol (IMAP) - Version 4rev2: "Replaced DIGEST-MD5 SASL mechanism with SCRAM-SHA-256. DIGEST-MD5 was deprecated."

• https://tools.ietf.org/html/rfc9051

In more LOGIN (it has been replaced by PLAIN), CRAM-MD5, DIGEST-MD5, I add same about NTLM and KERBEROS_V4.

There are now:

• July 2010: RFC5802: Salted Challenge Response Authentication Mechanism (SCRAM): SASL and GSS-API Mechanisms: https://tools.ietf.org/html/rfc5802 (SCRAM-SHA-1 and SCRAM-SHA-1-PLUS)
• July 2010: RFC5803: Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted: Challenge Response Authentication Mechanism (SCRAM) Secrets: https://tools.ietf.org/html/rfc5803
• November 2015: RFC7677: SCRAM-SHA-256 and SCRAM-SHA-256-PLUS: Simple Authentication and Security Layer (SASL) Mechanisms: https://tools.ietf.org/html/rfc7677

Soon:

• SCRAM-SHA-512(-PLUS): https://tools.ietf.org/html/draft-melnikov-scram-sha-512
• SCRAM-SHA3-512(-PLUS): https://tools.ietf.org/html/draft-melnikov-scram-sha3-512

[Neustradamus]

Dear @dinhvh,

Can you remove old unsecure mechanisms?

• CRAM-MD5
• DIGEST-MD5
• SCRAM MD5

Thanks in advance.