SASL, Simple Authentication and Security Layer

Description Glossary RFCs Publications Obsolete RFCs

Description:

Protocol suite: TCP/IP.
Protocol type:Application layer protocol.
MIME subtype:
SNMP MIBs:
Working groups: sasl, Simple Authentication and Security Layer.
Links: IANA: SASL mechanisms.

RFC 4422:

SASL is a framework for providing authentication and data security services in connection-oriented protocols via replaceable mechanisms. It provides a structured interface between protocols and mechanisms. The resulting framework allows new protocols to reuse existing mechanisms and allows old protocols to make use of new mechanisms. The framework also provides a protocol for securing subsequent protocol exchanges within a data security layer.


SASL mechanisms are named by character strings, from 1 to 20 characters in length, consisting of ASCII uppercase letters, digits, hyphens, and underscores.

MechanismUsageReferences
ANONYMOUSCommon RFC 4505
CRAM-MD5Limited RFC 2195
DIGEST-MD5OBSOLETE RFC 2831
EXTERNALCommon RFC 2222, RFC 4422
GSS-SPNEGOLimited 
GSSAPICommon RFC 2222, RFC 4752
GSS-SPNEGOLimited 
GS2-*Common RFC 5801
GS2-KRB5Common RFC 5801
GS2-KRB5-PLUSCommon RFC 5801
KERBEROS_V4OBSOLETE RFC 2222
KERBEROS_V5Common 
NMAS_AUTHENLimited 
NMAS_LOGINLimited 
NMAS-SAMBA-AUTHLimited 
NTLMLimited 
OTPCommon RFC 2444
PLAINCommonRFC 4616
SAML20Common RFC 6595
SCRAM-*Common RFC 5802
SCRAM-SHA-1Common RFC 5802
SCRAM-SHA-1-PLUSCommon RFC 5802
SECURIDCommon RFC 2808
SKEYOBSOLETE RFC 2222
SPNEGOMUST NOT be used. RFC 5801
SPNEGO-PLUSMUST NOT be used. RFC 5801
9798-M-DSA-SHA1Common RFC 3163
9798-M-ECDSA-SHA1Common RFC 3163
9798-M-RSA-SHA1-ENCCommon RFC 3163
9798-U-DSA-SHA1Common RFC 3163
9798-U-ECDSA-SHA1Common RFC 3163
9798-U-RSA-SHA1-ENCCommon RFC 3163

Glossary:


RFCs:

[RFC 2195] IMAP/POP AUTHorize Extension for Simple Challenge/Response.

[RFC 2444] The One-Time-Password SASL Mechanism.

[RFC 2808] The SecurID(r) SASL Mechanism.

[RFC 2831] Using Digest Authentication as a SASL Mechanism.

[RFC 3163] ISO/IEC 9798-3 Authentication SASL Mechanism.

[RFC 4422] Simple Authentication and Security Layer (SASL).

[RFC 4505] Anonymous Simple Authentication and Security Layer (SASL) Mechanism.

[RFC 5801] Using Generic Security Service Application Program Interface (GSS-API) Mechanisms in Simple Authentication and Security Layer (SASL): The GS2 Mechanism Family.

[RFC 5802] Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms.

[RFC 6595] A Simple Authentication and Security Layer (SASL) and GSS-API Mechanism for the Security Assertion Markup Language (SAML).


Publications:


Obsolete RFCs:

[RFC 2222] Simple Authentication and Security Layer (SASL).

[RFC 2245] Anonymous SASL Mechanism.


Description Glossary RFCs Publications Obsolete RFCs