Just had one question regarding the authentication (perhaps this is just a misundertanding). I was reading an issue that someone opened up on January 10th, 2020, asking about the various authentication methods one could use with OpenLDAP.
In that list, you named 'SCRAM-SHA-1' + 'SCRAM-SHA-256'.
Since that was a little while ago, I was curious about SCRAM-SHA-512 (more specifically, SCRAM-SHA-512-PLUS, but I assume that's a given if the server is configured to connect over TLS).
Is that standard possible yet? My assumption was that if SCRAM-SHA-256 is an authentication option, then so is SCRAM-SHA-512 (it just becomes a matter of specifying SHA-512 instead of SHA-256). Also wanted to confirm that theory above about the channel binding being implicitly added with TLS already configured for the LDAP server.
Hey, great job on this deployment - per usual.
Just had one question regarding the authentication (perhaps this is just a misundertanding). I was reading an issue that someone opened up on January 10th, 2020, asking about the various authentication methods one could use with OpenLDAP.
In that list, you named 'SCRAM-SHA-1' + 'SCRAM-SHA-256'.
Since that was a little while ago, I was curious about SCRAM-SHA-512 (more specifically, SCRAM-SHA-512-PLUS, but I assume that's a given if the server is configured to connect over TLS).
Is that standard possible yet? My assumption was that if SCRAM-SHA-256 is an authentication option, then so is SCRAM-SHA-512 (it just becomes a matter of specifying SHA-512 instead of SHA-256). Also wanted to confirm that theory above about the channel binding being implicitly added with TLS already configured for the LDAP server.