Alternative password SASL authentication mechanisms

Kurt Zeilenga <Kurt.Zeilenga@isode.com> Mon, 12 March 2007 01:09 UTC

To: ietf-sasl@imc.org
From: Kurt Zeilenga <Kurt.Zeilenga@isode.com>
Subject: Alternative password SASL authentication mechanisms
Date: Sun, 11 Mar 2007 18:10:21 -0700

I draw your attention to two individual submissions proposing new
password SASL authentication mechanisms as alternatives...

Title		: The Hash Exchange Authentication SASL Mechanism
Author(s)	: D. Cridland, A. Melnikov
Filename	: draft-cridland-sasl-hexa-00.txt
Pages		: 12
Date		: 2007-2-28
	
    This memo defines and discusses a SASL mechanism that is based on the
    exchange of hashes.  It does not require the storage of a plaintext
    equivalent on the server, is simple to implement, and provides a
    reasonable level of security.

Title		: SASL Yet Another Password Mechanism
Author(s)	: K. Zeilenga
Filename	: draft-zeilenga-sasl-yap-00.txt
Pages		: 7
Date		: 2007-2-27
	
   This document describes a password authentication mechanism, called
   YAP-SHA-256, for use in protocols supporting the Simple Authentication
   and Security Layer (SASL) framework.  The mechanism relies on security
   services provided by a lower layer, such as Transport Layer Security
   (TLS), to protect the authentication exchange, and subsequent
   application data exchange, from common attacks.  The YAP-SHA-256
   mechanism may be viewed as an alternative to other password-based SASL
   mechanisms, such as PLAIN, CRAM-MD5, and DIGEST-MD5.