2.7.13 Simple Authentication and Security Layer (sasl)

NOTE: This charter is a snapshot of the 65th IETF Meeting in Dallas, TX USA. It may now be out-of-date.

Last Modified: 2005-10-03

Chair(s):

Tom Yu <tlyu@mit.edu>
Kurt Zeilenga <kurt@openLDAP.org>

Security Area Director(s):

Russ Housley <housley@vigilsec.com>
Sam Hartman <hartmans-ietf@mit.edu>

Security Area Advisor:

Sam Hartman <hartmans-ietf@mit.edu>

Mailing Lists:

General Discussion: ietf-sasl@imc.org
To Subscribe: ietf-sasl-request@imc.org
In Body: subscribe
Archive: http://www.imc.org/ietf-sasl/mail-archive/

Description of Working Group:

The Simple Authentication and Security Layer [RFC2222] provides key
security services to a number of application protocols including BEEP,
IMAP, LDAP, POP, and SMTP. The purpose of this working group is to
shepherd SASL, including select SASL mechanisms, through the Internet
Standards process.

This group will deliver a revised SASL Technical Specification
suitable for consideration as a Draft Standard. This work will be
based upon RFC 2222 and draft-myers-saslrev.

This group will deliver revised Technical Specifications suitable for
consideration as Draft Standards for the following SASL mechanisms:
ANONYMOUS, PLAIN, CRAM-MD5, DIGEST-MD5, and EXTERNAL. This work will
be based upon RFC 2195, RFC 2222, RFC 2831, draft-zeilenga-sasl-anon,
draft-zeilenga-sasl-plain, draft-nerenberg-sasl-crammd5 and
draft-melnikov-rfc2831bis, and draft-myers-saslrev-xx.txt.

This group will deliver a revised Technical Specification suitable for
publication as Proposed Standard for the GSSAPI family of SASL
mechanisms. This work will be based upon RFC 2222 and
draft-ietf-cat-sasl-gssapi.

The following areas are not within the scope of work of this WG:

- new features,

- SASL Mechanisms not specifically mentioned above, and

- SASL "profiles".

However, the SASL WG is an acceptable forum for review of SASL-related
submissions produced by others as long as such review does not impede
progress on the WG objectives listed above.

Goals and Milestones:

Done  Submit revised SASL (+ EXTERNAL) I-D
Done  Submit revised SASL ANONYMOUS I-D
Done  Submit revised SASL PLAIN I-D
Done  Submit revised SASL CRAM-MD5 I-D
Done  Submit revised SASL DIGEST-MD5 I-D
Done  Submit revised SASL GSSAPI I-D
May 2005  Submit SASL (+ EXTERNAL) to the IESG for consideration as a Proposed Standard
Jun 2005  Submit CRAM-MD5 to IESG for consideration as a Proposed Standard
Jul 2005  Submit DIGEST-MD5 to IESG for consideration as a Proposed Standard
Aug 2005  Submit GSSAPI to IESG for consideration as a Proposed Standard
Oct 2005  Provide implementation report plan (with milestones)
Nov 2005  Revise charter or conclude

Internet-Drafts:

  • draft-ietf-sasl-anon-05.txt
  • draft-ietf-sasl-plain-08.txt
  • draft-ietf-sasl-rfc2831bis-08.txt
  • draft-ietf-sasl-rfc2222bis-15.txt
  • draft-ietf-sasl-crammd5-06.txt
  • draft-ietf-sasl-gssapi-04.txt
  • draft-ietf-sasl-gs2-00.txt

    Request For Comments:

    RFCStatusTitle
    RFC4013 Standard SASLprep: Stringprep profile for user names and passwords

    Meeting Minutes


    Slides

    agenda
    gs2