
which is our DIGEST-MD5 successor?



We have had several password-based SASL mechanism proposals submitted
to the WG for the purpose of replacing DIGEST-MD5.  Much of our
discussion has centered on SCRAM, but I would like to make sure that
we have consensus behind SCRAM and that all proposals presented to us
have been adequately considered.

I believe the HEXA proposal has been merged into SCRAM.  Simon
Josefsson has also submitted a password-based mechanism.  During
IETF70, I had misunderstood Simon's intention with this document and
believed that he was withdrawing it.  Simon has since stated that he
intends to continue pursuing his document.  The document remains
expired, as far as I can tell, so this may not be relevant anymore.
(Simon, do you intend to renew the document?)

I think Chris Newman said during the WG session at IETF70 that he
believed there was nothing in Simon's document that was not in SCRAM,
apart from a few paragraphs about making the protocol consistent with
GS2.  I later realized that Chris is listed as an author of SCRAM, and
would like additional opinions.

Has anyone other than Chris looked at Simon's document and concluded
that Simon's document is substantially feature-equivalent to SCRAM,
except for the few paragraphs about GS2 compatibility?  We can discuss
this during the WG session tomorrow, but getting some discussion
started on the mailing list in advance would also be useful.

---Tom