Simple Authentication and Security Layer (SASL)
Authentication + optional data-stream protection
Security mechanisms, app protocols profiled independently
Optional authorization ID distinct from authn credential
Three conceptual implementation layers:
application, SASL library, mechanism plugins
GSSAPI mechs via single GSS/SASL mech (maybe)
TLS client cert via EXTERNAL
username/pw via PLAIN (but please don't)
rlmorgan
@
washington.edu
[
next
|
top
]
BLOCKS BoF, IETF 47, March 2000