Simple Authentication and Security Layer (sasl)

Last Modified: 2006-08-16

Additional information is available at tools.ietf.org/wg/sasl

Chair(s):

  • Kurt Zeilenga <kurt.zeilenga@isode.com>

  • Tom Yu <tlyu@mit.edu>

    Security Area Director(s):

  • Tim Polk <tim.polk@nist.gov>
  • Sam Hartman <hartmans-ietf@mit.edu>

    Security Area Advisor:

  • Sam Hartman <hartmans-ietf@mit.edu>

    Mailing Lists:

    General Discussion: ietf-sasl@imc.org
    To Subscribe: ietf-sasl-request@imc.org
    In Body: subscribe
    Archive: http://www.imc.org/ietf-sasl/mail-archive/

    Description of Working Group:

    This working group focuses on the application of the Session Initiation
    Protocol (SIP, RFC 3261) to the suite of services collectively known as
    instant messaging and presence (IMP). The IETF has committed to
    producing an interoperable standard for these services compliant to
    the requirements for IM outlined in RFC 2779 (including the security
    and privacy requirements there) and in the Common Profile for Instant
    Messaging (CPIM) specification, developed within the IMPP working
    group. As the most common services for which SIP is used share quite a
    bit in common with IMP, the adaptation of SIP to IMP seems a natural
    choice given the widespread support for (and relative maturity of) the
    SIP standard.
             
    This group has completed the majority of its primary goals and will
    focus on the remaining tasks documented here and concluding. Any
    proposed new work will require a recharter.
             
    The primary remaining work of this group will be to complete:
             
    1. The MSRP proposed standard mechanism for transporting sessions of
    messages initiated using the SIP, compliant to the requirments of RFC
    2779, CPIM and BCP 41.
             
    2. The XCAP framework for representing and carrying configuration and
    policy information in SIMPLE systems.
             
    3. A mechanism for representing partial changes (patches) to XML
    documents and extensions to the SIMPLE publication and notification
    mechanisms to convey these partial changes.
             
    4. A mechanism for initiating and managing Instant Message group chat.
             
    5. An annotated overview of the SIMPLE protocol definition documents.
             
    Any SIP extensions proposed in the course of this development will,
    after a last call process, be transferred to the SIP WG for
    consideration as formal SIP extensions.
             
    Any mechanisms created for managing Instant Message group chat are
    intended to provide a bridge to the conferencing protocols that will
    be defined in XCON. They will be limited in scope to address only
    simple Instant Message chat with nicknames and will not attempt
    to address complex conferencing concepts such as sidebars. Their
    design must anticipate operating in conjunction with the conferencing
    protocols XCON is working towards.
             
    The working group will work within the framework for presence and IM
    described in RFC 2778. The extensions it defines must also be
    compliant with the SIP processes for extensions. The group cannot
    modify baseline SIP behavior or define a new version of SIP for IM and
    presence. If the group determines that any capabilities requiring an
    extension to SIP are needed, the group will seek to define such
    extensions within the SIP working group, and then use them here.

    Goals and Milestones:

    Done  Submit revised SASL (+ EXTERNAL) I-D
    Done  Submit revised SASL ANONYMOUS I-D
    Done  Submit revised SASL PLAIN I-D
    Done  Submit revised SASL CRAM-MD5 I-D
    Done  Submit revised SASL DIGEST-MD5 I-D
    Done  Submit revised SASL GSSAPI I-D
    Done  Submit SASL (+ EXTERNAL) to the IESG for consideration as a Proposed Standard
    Done  Submit GSSAPI to IESG for consideration as a Proposed Standard
    Sep 2006  Submit GS2 to IESG for consideration as a Proposed Standard
    Sep 2006  Submit CRAM-MD5 to IESG for consideration as a Proposed Standard
    Oct 2006  Submit DIGEST-MD5 to IESG for consideration as a Proposed Standard
    Oct 2006  Provide implementation report plan (with milestones)
    Nov 2006  Revise charter or conclude

    Internet-Drafts:

    Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family (57827 bytes)
    Moving DIGEST-MD5 to Historic (13387 bytes)

    Request For Comments:

    SASLprep: Stringprep profile for user names and passwords (RFC 4013) (13051 bytes)
    Simple Authentication and Security Layer (SASL) (RFC 4422) (73206 bytes) obsoletes RFC 2222
    Anonymous Simple Authentication and Security Layer (SASL) Mechanism (RFC 4505) (16599 bytes) obsoletes RFC 2245
    The PLAIN Simple Authentication and Security Layer (SASL) Mechanism (RFC 4616) (20270 bytes) updates RFC 2595
    The Kerberos V5 ( (RFC 4752) (22133 bytes) obsoletes RFC 2222
    IETF Secretariat - Please send questions, comments, and/or suggestions to ietf-web@ietf.org.

    Return to working group directory.

    Return to IETF home page.