Simple Authentication and Security Layer (SASL) Mechanisms

Simple Authentication and Security Layer (SASL) Mechanisms 2015-11-02 The Simple Authentication and Security Layer (SASL) is a method for adding authentication support to connection-based protocols. To use this specification, a protocol includes a command for identifying and authenticating a user to a server and for optionally negotiating a security layer for subsequent protocol interactions. The command has a required argument identifying a SASL mechanism. SASL mechanisms are named by strings, from 1 to 20 characters in length, consisting of upper-case letters, digits, hyphens, and/or underscores. SASL mechanism names must be registered with the IANA. Procedures for registering new SASL mechanisms are described in . SASL mechanism names starting with "GS2-" are reserved for SASL mechanisms which conform to . Registration procedures for SASL mechanism names starting with "SCRAM-" are defined in . SASL Mechanisms First Come First Served for mechanisms. Expert Review with mailing list for family name registrations. For names beginning with "GS2-", see RFC 5801. For names beginning with "SCRAM-", see RFC7677. Simon Josefsson 9798-M-DSA-SHA1 COMMON 9798-M-ECDSA-SHA1 COMMON 9798-M-RSA-SHA1-ENC COMMON 9798-U-DSA-SHA1 COMMON 9798-U-ECDSA-SHA1 COMMON 9798-U-RSA-SHA1-ENC COMMON ANONYMOUS COMMON CRAM-MD5 LIMITED DIGEST-MD5 OBSOLETE EAP-AES128 COMMON EAP-AES128-PLUS COMMON EXTERNAL COMMON GS2-* COMMON GS2-KRB5 COMMON GS2-KRB5-PLUS COMMON GSS-SPNEGO LIMITED GSSAPI COMMON KERBEROS_V4 OBSOLETE KERBEROS_V5 COMMON LOGIN OBSOLETE NMAS_AUTHEN LIMITED NMAS_LOGIN LIMITED NMAS-SAMBA-AUTH LIMITED NTLM LIMITED OAUTH10A COMMON OAUTHBEARER COMMON OPENID20 COMMON OTP COMMON PLAIN COMMON SAML20 COMMON SCRAM-* COMMON SECURID COMMON SKEY OBSOLETE SPNEGO MUST NOT be used SPNEGO-PLUS MUST NOT be used XOAUTH OBSOLETE N/A XOAUTH2 OBSOLETE N/A SASL SCRAM Family Mechanisms IETF Review with mailing list SCRAM-SHA-1 COMMON 4096 1.3.6.1.5.5.14 SCRAM-SHA-1-PLUS COMMON 4096 1.3.6.1.5.5.14 SCRAM-SHA-256 COMMON 4096 1.3.6.1.5.5.18 SCRAM-SHA-256-PLUS COMMON 4096 1.3.6.1.5.5.18 IESG mailto:iesg&ietf.org Kenneth Murchison mailto:ken&oceana.com 2014-11-10 Magnus Nystrom mailto:magnus&rsasecurity.com Mark G. Gayman mailto:mgayman&novell.com 2000-09 Mark R. Crispin mailto:MRC&CAC.Washington.EDU 2014-11-10 Paul Leach mailto:paulle&microsoft.com 2000-06 Robert Zuccherato mailto:robert.zuccherato&entrust.com Simon Josefsson mailto:simon&josefsson.org 2004-01 Vince Brimhall mailto:vbrimhall&novell.com 2004-04