Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-6828

SCRAM should allow low iteration counts even if they are not recommended

    Details

    • Type: Bug
    • Status: Done
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 7.0.0
    • Fix Version/s: 7.0.0
    • Component/s: security
    • Labels:

      Description

      The SCRAM mechanisms have a hard-wired minimum iteration limit of 4096, yet this is only documented as "SHOULD" in the RFCs. We should allow lower iterations, even if they are not recommended. It should be possible for the client application to set the minimum iteration count they are willing to accept.
       

        Attachments

          Activity

            People

            • Assignee:
              michal.severin Michal Severin
              Reporter:
              matthew Matthew Swift
              Dev Assignee:
              Ludovic Poitou
              QA Assignee:
              Michal Severin
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: