%% You should probably cite rfc7804 instead of this I-D. @techreport{ietf-httpauth-scram-auth-14, number = {draft-ietf-httpauth-scram-auth-14}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-httpauth-scram-auth/14/}, author = {Alexey Melnikov}, title = {{Salted Challenge Response (SCRAM) HTTP Authentication Mechanism}}, pagetotal = 18, year = 2015, month = dec, day = 5, abstract = {This specification describes a family of HTTP authentication mechanisms called the Salted Challenge Response Authentication Mechanism (SCRAM), which provides a more robust authentication mechanism than a plaintext password protected by Transport Layer Security (TLS) and avoids the deployment obstacles presented by earlier TLS-protected challenge response authentication mechanisms.}, }