Protocol Action: 'Simple Authentication and Security Layer (SASL)' to Proposed Standard
The IESG <iesg-secretary@ietf.org> Tue, 21 March 2006 16:57 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FLkAo-0000WN-GN; Tue, 21 Mar 2006 11:57:34 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FLkAn-0000W9-85; Tue, 21 Mar 2006 11:57:33 -0500
Received: from willow.neustar.com ([209.173.53.84]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FLkAn-0007ja-1G; Tue, 21 Mar 2006 11:57:33 -0500
Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by willow.neustar.com (8.12.8/8.12.8) with ESMTP id k2LGvW9W001172 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 21 Mar 2006 16:57:32 GMT
Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1FLkAm-0005dB-FQ; Tue, 21 Mar 2006 11:57:32 -0500
X-test-idtracker: no
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Message-Id: <E1FLkAm-0005dB-FQ@stiedprstage1.ietf.org>
Date: Tue, 21 Mar 2006 11:57:32 -0500
X-Spam-Score: 0.1 (/)
X-Scan-Signature: a87a9cdae4ac5d3fbeee75cd0026d632
Cc: sasl chair <kurt@openLDAP.org>, Internet Architecture Board <iab@iab.org>, sasl mailing list <ietf-sasl@imc.org>, sasl chair <tlyu@mit.edu>, RFC Editor <rfc-editor@rfc-editor.org>
Subject: Protocol Action: 'Simple Authentication and Security Layer (SASL)' to Proposed Standard
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: ietf-announce.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
Errors-To: ietf-announce-bounces@ietf.org
The IESG has approved the following document: - 'Simple Authentication and Security Layer (SASL) ' <draft-ietf-sasl-rfc2222bis-15.txt> as a Proposed Standard This document is the product of the Simple Authentication and Security Layer Working Group. The IESG contact persons are Sam Hartman and Russ Housley. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-sasl-rfc2222bis-15.txt Technical Summary This document replaces RFC 2222 as the definition of the Simple Authentication and Security Layer (SASL), a framework for providing authentication and data security services in connection-oriented protocols via replaceable mechanisms. SASL provides a structured interface between protocols and mechanisms. The resulting framework allows new protocols to reuse existing mechanisms and allows old protocols to make use of new mechanisms. The framework also provides a protocol for securing subsequent protocol exchanges within a data security layer. This document also defines one SASL mechanism, the EXTERNAL mechanism. Working Group Summary The document has been through multiple last calls. The most recent last call produced only editorial comments. Protocol Quality Many people have provided valuable reviews of this specification. This specification was reviewed by Sam Hartman for the IESG. Note to RFC Editor Note to the RFC Editor: In draft-ietf-sasl-rfc2222bis: In section 6.1.1, replace: Implementations should close the connection with Implementations SHOULD close the connection In section 6.1.2, pp 2, replace: implementations should not advertise mechanisms and/or features which cannot meet their minimum security requirements, should not enter into or continue authentication exchanges which cannot meet their minimum security requirements, and should verify with: implementations SHOULD NOT advertise mechanisms and/or features which cannot meet their minimum security requirements, SHOULD NOT enter into or continue authentication exchanges which cannot meet their minimum security requirements, and SHOULD verify In Section 6.1.2, pp 3, replace: the client may discover the SASL mechanisms with: the client can discover the SASL mechanisms and replace: the client should close with the client SHOULD close In Section 6.1.5, replace: receiver should handle with: receiver SHOULD handle and replace: it must not blindly allocate with: it MUST NOT blindly allocate and replace: it should close the connection with it SHOULD close the connection In section 6.3, replace Applications that wish with Implementations that wish and replace should reauthenitcate with: SHOULD reauthenticate using _______________________________________________ IETF-Announce mailing list IETF-Announce@ietf.org https://www1.ietf.org/mailman/listinfo/ietf-announce