Protocol Action: 'The PLAIN SASL Mechanism' to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The IESG has approved the following document:

- 'The PLAIN SASL Mechanism '
   <draft-ietf-sasl-plain-09.txt> as a Proposed Standard

This document is the product of the Simple Authentication and Security Layer 
Working Group. 

The IESG contact persons are Sam Hartman and Russ Housley.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-sasl-plain-09.txt

Technical Summary
 

 This document defines a simple clear-text user/password Simple
 Authentication and Security Layer (SASL) mechanism called the PLAIN
 mechanism.  The PLAIN mechanism is intended to be used, in combination
 with data confidentiality services provided by a lower layer, in
 protocols which lack a simple password authentication command. This document
updates RFC 2595.
 
Working Group Summary
 
 The working group came to rough consensus on this document.  There
 was some debate about how stringprep's desire to avoid comparison of
 two strings both involving unassigned codepoints interacts with
 situations where one string is transported by an IETF-controlled
 protocol like this mechanism and the other string is the providence of
 an implementation-specific protocol with broader applicability than
 this specification.

 
Protocol Quality
 
 This specification has been reviewed by Sam Hartman for the IESG.

RFC Editor Note
 
  In section 1

old:
  Clear-text, multiple-use passwords are simple, interoperate with
  almost all existing operating system authentication databases, and are
  useful for a smooth transition to a more secure password-based
  authentication mechanism. The drawback is that they are unacceptable
  for use over network connection where data confidentiality is not
  assured (by encryption or other means).

  new (removing parenthetical):

  Clear-text, multiple-use passwords are simple, interoperate with
  almost all existing operating system authentication databases, and are
  useful for a smooth transition to a more secure password-based
  authentication mechanism. The drawback is that they are unacceptable
  for use over network connection where data confidentiality is not
  assured.


_______________________________________________

IETF-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-announce
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux