18May
How to verify the salt in the SCRAM protocol?
I’ve recently read about the SCRAM authentication protocol. One of the stated design motivations is to support mutual authentication, but how does the client verify that the salt and cost parameters provided by the server are correct?
If t…
