Simple Authentication and Security Layer (sasl) ----------------------------------------------- Charter Last Modified: 2006-08-16 Current Status: Active Working Group Chair(s): Tom Yu Kurt Zeilenga Security Area Director(s): Russ Housley Sam Hartman Security Area Advisor: Sam Hartman Mailing Lists: General Discussion:ietf-sasl@imc.org To Subscribe: ietf-sasl-request@imc.org In Body: subscribe Archive: http://www.imc.org/ietf-sasl/mail-archive/ Description of Working Group: The Simple Authentication and Security Layer [RFC2222] provides key security services to a number of application protocols including BEEP, IMAP, LDAP, POP, and SMTP. The purpose of this working group is to shepherd SASL, including select SASL mechanisms, through the Internet Standards process. This group will deliver a revised SASL Technical Specification suitable for consideration as a Draft Standard. This work will be based upon RFC 2222 and draft-myers-saslrev. This group will deliver revised Technical Specifications suitable for consideration as Draft Standards for the following SASL mechanisms: ANONYMOUS, PLAIN, CRAM-MD5, DIGEST-MD5, and EXTERNAL. This work will be based upon RFC 2195, RFC 2222, RFC 2831, draft-zeilenga-sasl-anon, draft-zeilenga-sasl-plain, draft-nerenberg-sasl-crammd5 and draft-melnikov-rfc2831bis, and draft-myers-saslrev-xx.txt. This group will deliver a revised Technical Specification suitable for publication as Proposed Standard for the GSSAPI family of SASL mechanisms. This work will be based upon RFC 2222 and draft-ietf-cat-sasl-gssapi. The following areas are not within the scope of work of this WG: - new features, - SASL Mechanisms not specifically mentioned above, and - SASL "profiles". However, the SASL WG is an acceptable forum for review of SASL-related submissions produced by others as long as such review does not impede progress on the WG objectives listed above. Goals and Milestones: Done Submit revised SASL (+ EXTERNAL) I-D Done Submit revised SASL ANONYMOUS I-D Done Submit revised SASL PLAIN I-D Done Submit revised SASL CRAM-MD5 I-D Done Submit revised SASL DIGEST-MD5 I-D Done Submit revised SASL GSSAPI I-D Done Submit SASL (+ EXTERNAL) to the IESG for consideration as a Proposed Standard Done Submit GSSAPI to IESG for consideration as a Proposed Standard Sep 2006 Submit GS2 to IESG for consideration as a Proposed Standard Sep 2006 Submit CRAM-MD5 to IESG for consideration as a Proposed Standard Oct 2006 Submit DIGEST-MD5 to IESG for consideration as a Proposed Standard Oct 2006 Provide implementation report plan (with milestones) Nov 2006 Revise charter or conclude Internet-Drafts: Posted Revised I-D Title ------ ------- -------------------------------------------- Feb 2003 Mar 2007 Using Digest Authentication as a SASL Mechanism Feb 2006 Mar 2007 Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family Request For Comments: RFC Stat Published Title ------- -- ----------- ------------------------------------ RFC4013Standard Mar 2005 SASLprep: Stringprep profile for user names and passwords RFC4422 PS Jun 2006 Simple Authentication and Security Layer (SASL) RFC4505 PS Jun 2006 Anonymous Simple Authentication and Security Layer (SASL) Mechanism RFC4616 PS Aug 2006 The PLAIN Simple Authentication and Security Layer (SASL) Mechanism RFC4752 PS Nov 2006 The Kerberos V5 (