RFC 2222 (rfc2222) - Page 2 of 16
Simple Authentication and Security Layer (SASL)
Alternative Format: Original Text Document
RFC 2222 SASL October 1997 Appendix A. Relation of SASL to Transport Security .......... 15 Full Copyright Statement .................................... 16 1. Abstract This document describes a method for adding authentication support to connection-based protocols. To use this specification, a protocol includes a command for identifying and authenticating a user to a server and for optionally negotiating protection of subsequent protocol interactions. If its use is negotiated, a security layer is inserted between the protocol and the connection. This document describes how a protocol specifies such a command, defines several mechanisms for use by the command, and defines the protocol used for carrying a negotiated security layer over the connection. 2. Organization of this Document 2.1. How to Read This Document This document is written to serve two different audiences, protocol designers using this specification to support authentication in their protocol, and implementors of clients or servers for those protocols using this specification. The sections "Introduction and Overview", "Profiling requirements", and "Security Considerations" cover issues that protocol designers need to understand and address in profiling this specification for use in a specific protocol. Implementors of a protocol using this specification need the protocol-specific profiling information in addition to the information in this document. 2.2. Conventions Used in this Document In examples, "C:" and "S:" indicate lines sent by the client and server respectively. The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY" in this document are to be interpreted as defined in "Key words for use in RFCs to Indicate Requirement Levels" [RFC 2119]. Myers Standards Track
