|
|
|
|
|
Simple Authentication And Security Layer - This article is about SASL, the authentication framework. SASL may also refer to South African Sign Language.
Simple Authentication and Security Layer (SASL) is a framework for authentication and authorization in Internet protocols. It decouples authentication mechanisms from application protocols, in theory allowing any authentication mechanism supported by SASL to be used in any application protocol that uses SASL. SASL only handles authentication, and another mechanism (such as TLS) is needed for encrypting transferred content; however, SASL does provide a means of negotiating use of this mechanism. A SASL mechanism is modelled as a series of challenges and responses. Defined SASL mechanisms http://www.iana.org/assignments/sasl-mechanisms include: - "EXTERNAL", where authentication is implicit in the context (e.g., for protocols already using IPsec or TLS)
- "ANONYMOUS", for unauthenticated guest access
- "PLAIN", a simple cleartext password mechanism
- "OTP" for the system that evolved from S/KEY and is defined in RFC 2289
- "NTLM"
- It is planned that GSSAPI mechanisms will be supported by a family of mechanism names.
Protocols define their representation of SASL exchanges with a profile. A protocol has a service name such as "ldap" in a registry shared with GSSAPI and Kerberos http://www.iana.org/assignments/gssapi-service-names. Protocols currently using SASL include IMAP, LDAP, POP, SMTP and XMPP. External links - RFC 2222 defines the SASL framework.
- The SASL Working Group are updating the SASL specifications.
|
 |
|
| Copyright 2005-2009 OnPedia.com. All Rights Reserved |
|
|