1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
SIMPLE AUTHENTICATION AND SECURITY LAYER (SASL) MECHANISMS
----------------------------------------------------------
(last updated 2006-12-07)
The Simple Authentication and Security Layer (SASL) [RFC4422] is a
method for adding authentication support to connection-based
protocols. To use this specification, a protocol includes a command
for identifying and authenticating a user to a server and for
optionally negotiating a security layer for subsequent protocol
interactions. The command has a required argument identifying a SASL
mechanism.
SASL mechanisms are named by strings, from 1 to 20 characters in
length, consisting of upper-case letters, digits, hyphens, and/or
underscores. SASL mechanism names must be registered with the IANA.
Procedures for registering new SASL mechanisms are described in
RFC4422.
Registration Procedures:
First Come First Serve for Mechanisms
Expert Review with Mailing List for Family Name Registrations
MECHANISMS USAGE REFERENCE OWNER
---------- ----- --------- -----
KERBEROS_V4 OBSOLETE [RFC2222] IESG <iesg&ietf.org>
GSSAPI COMMON [RFC4752] IESG <iesg&ietf.org>
SKEY OBSOLETE [RFC2444] IESG <iesg&ietf.org>
EXTERNAL COMMON [RFC4422] IESG <iesg&ietf.org>
CRAM-MD5 LIMITED [RFC2195] IESG <iesg&ietf.org>
ANONYMOUS COMMON [RFC4505] IESG <iesg&ietf.org>
OTP COMMON [RFC2444] IESG <iesg&ietf.org>
GSS-SPNEGO LIMITED [Leach] Paul Leach <paulleµsoft.com>
PLAIN COMMON [RFC4616] IESG <iesg&ietf.org>
SECURID COMMON [RFC2808] Magnus Nystrom <magnus&rsasecurity.com>
NTLM LIMITED [Leach] Paul Leach <paulleµsoft.com>
NMAS_LOGIN LIMITED [Gayman] Mark G. Gayman <mgayman&novell.com>
NMAS_AUTHEN LIMITED [Gayman] Mark G. Gayman <mgayman&novell.com>
DIGEST-MD5 COMMON [RFC2831] IESG <iesg&ietf.org>
9798-U-RSA-SHA1-ENC COMMON [RFC3163] robert.zuccherato&entrust.com
9798-M-RSA-SHA1-ENC COMMON [RFC3163] robert.zuccherato&entrust.com
9798-U-DSA-SHA1 COMMON [RFC3163] robert.zuccherato&entrust.com
9798-M-DSA-SHA1 COMMON [RFC3163] robert.zuccherato&entrust.com
9798-U-ECDSA-SHA1 COMMON [RFC3163] robert.zuccherato&entrust.com
9798-M-ECDSA-SHA1 COMMON [RFC3163] robert.zuccherato&entrust.com
KERBEROS_V5 COMMON [Josefsson] Simon Josefsson <simon&josefsson.org>
NMAS-SAMBA-AUTH LIMITED [Brimhall] Vince Brimhall <vbrimhall&novell.com>
References
----------
[RFC2195] Klensin, J., Catoe, R., Krumviede, P. "IMAP/POP AUTHorize
Extension for Simple Challenge/Response", RFC 2195, MCI,
September 1997.
[RFC2222] J. Myers, "Simple Authentication and Security Layer (SASL)",
RFC 2222, October 1997.
[RFC2444] Newman, C., "The One-Time-Password SASL Mechanism", RFC
2444, October 1998.
[RFC2595] Newman, C., "Using TLS with IMAP, POP3 and ACAP", RFC 2595,
Innosoft, June 1999.
[RFC2808] Nystrom, M., "The SecurID(r) SASL Mechanism", RFC 2808,
April 2000.
[RFC2831] Leach, P. and C. Newman, "Using Digest Authentication as a
SASL Mechanism", RFC 2831, May 2000.
[RFC3163] R. Zuccherato and M. Nystrom, "ISO/IEC 9798-3 Authentication
SASL Mechanism", RFC 3163, August 2001.
[RFC4505] K. Zeilenga, Ed., "Anonymous Simple Authentication and
Security Layer (SASL) Mechanism", RFC 4505, June 2006.
[RFC4422] A. Melnikov and K. Zeilenga, "Simple Authentication and Security
Layer (SASL)", RFC 4422, June 2006.
[RFC4616] K. Zeilenga, "The PLAIN SASL Mechanism", RFC 4616, August 2006.
[RFC4752] A. Melnikov, "The Kerberos V5 ("GSSAPI") SASL mechanisma",
RFC 4752, November 2006.
People
------
[Brimhall] Vince Brimhall, <vbrimhall&novell.com>, April 2004.
[Gayman] Mark G. Gayman, <mgayman&novell.com>, September 2000.
[Josefsson] Simon Josefsson, <simon&josefsson.org>, January 2004.
[Leach] Paul Leach, <paulleµsoft.com>, December 1998, June 2000.
[]
|
