CRAM-MD5 is a widely used, but officially deprecated (apparently in favor of DIGEST-MD5), challenge-response mechanism that transfers hashed passwords instead of clear-text passwords. On insecure channels (e.g., when TLS is not used), it is safer than PLAIN. The CRAM-MD5 mechanism does not support authorization identities, making the relationship between CRAM-MD5 and DIGEST-MD5 similar to the relationship between LOGIN and PLAIN.
The disadvantage of hashed passwords is that the server cannot use normal authentication infrastructures such as PAM, because the server must have access to the correct password in order to validate an authentication attempt.
In the client, this mechanism is always enabled, and requires the GSASL_AUTHID and GSASL_PASSWORD properties.
In the server, the mechanism will invoke the GSASL_PASSWORD callback, which may use the GSASL_AUTHID property to determine which user's password should be used. The GSASL_AUTHID will be in normalized form. The server will then normalize the returned password, compute the correct response, compare it with the client's response, and accept or reject the user accordingly.
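The exchange described above, as an added example in Python (not GNU SASL's own code): a server challenge, the client's keyed response, and the server-side check that uses a password lookup in the role of the GSASL_PASSWORD callback. The NFKC `normalize` function is an assumed stand-in for SASLprep, and the user and password in the table are constructed sample values.

```python
import hashlib
import hmac
import secrets
import time
import unicodedata

# Constructed password table standing in for what the server's
# GSASL_PASSWORD callback would consult; keyed by normalized GSASL_AUTHID.
PASSWORDS = {"alice": "correct horse battery staple"}


def normalize(s: str) -> str:
    # Assumption: NFKC only. Real SASLprep also maps, prohibits and
    # bidi-checks characters; this is a stand-in, not the real profile.
    return unicodedata.normalize("NFKC", s)


def make_challenge(hostname: str = "mail.example.com") -> bytes:
    # Server side: fresh, unpredictable challenge in the RFC 2195
    # "<random.time@host>" form. It must never be reused.
    return f"<{secrets.randbelow(10**9)}.{int(time.time())}@{hostname}>".encode()


def cram_md5_digest(password: str, challenge: bytes) -> str:
    # The keyed digest: HMAC-MD5 with the normalized password as key.
    key = normalize(password).encode("utf-8")
    return hmac.new(key, challenge, hashlib.md5).hexdigest()


def client_response(challenge: bytes, authid: str, password: str) -> bytes:
    # Client side: "<authid> <hexdigest>". The password itself never
    # leaves the client; the digest is bound to this one challenge.
    return f"{normalize(authid)} {cram_md5_digest(password, challenge)}".encode("utf-8")


def password_callback(authid: str):
    # Plays the role of the GSASL_PASSWORD callback: look up by authid.
    return PASSWORDS.get(authid)


def server_verify(challenge: bytes, response: bytes, lookup=password_callback) -> bool:
    # Server side: recompute the expected digest from the stored password
    # and compare in constant time. Malformed or unknown users are rejected.
    try:
        authid, digest = response.decode("utf-8").rsplit(" ", 1)
    except (UnicodeDecodeError, ValueError):
        return False
    password = lookup(normalize(authid))
    if password is None:
        return False
    expected = cram_md5_digest(password, challenge)
    return hmac.compare_digest(expected.encode(), digest.encode())
```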
See Use of SASLprep in CRAM-MD5, for a clarification of the interpretation of the CRAM-MD5 specification that this implementation relies on.