On May 25, 2009, at 11:14 AM, Nicolas Williams wrote:
I'm more than happy to leave SCRAM and GS2 as they are, which effectively means that we punt on channel binding type negotiation, leaving us with a preference for end-point channel binding types over unique ones.
Generally and with respect to SCRAM, I rather change the specification to always require the use of unique channel bindings. I do understand however that some prefer use of end-point channel binding types in certain cases.
One solution for SCRAM is to offer: SCRAM-SHA-1 SCRAM-SHA-1-ENDPOINT SCRAM-SHA-1-UNIQUEor, if one wanted to name one of the latter two with -PLUS, s/-UNIQUE/- PLUS/.
However, as WG Chair, I'm willing to discuss and conclude on this issue (for SCRAM) as part of SCRAM WGLC.
-- Kurt