Simple Authentication and Security Layer (sasl)
-----------------------------------------------

 Charter
 Last Modified: 2008-04-23

 Current Status: Active Working Group

 Chair(s):
     Kurt Zeilenga  <kurt.zeilenga@isode.com>
     Tom Yu  <tlyu@mit.edu>

 Security Area Director(s):
     Tim Polk  <tim.polk@nist.gov>
     Pasi Eronen  <pasi.eronen@nokia.com>

 Security Area Advisor:
     Pasi Eronen  <pasi.eronen@nokia.com>

 Mailing Lists: 
     General Discussion:ietf-sasl@imc.org
     To Subscribe:      ietf-sasl-request@imc.org
         In Body:       subscribe
     Archive:           http://www.imc.org/ietf-sasl/mail-archive/

Description of Working Group:

The Simple Authentication and Security Layer [RFC2222] provides key
security services to a number of application protocols including BEEP,
IMAP, LDAP, POP, and SMTP. The purpose of this working group is to
shepherd SASL, including select SASL mechanisms, through the Internet
Standards process.

This group will deliver a revised SASL Technical Specification
suitable for consideration as a Draft Standard. This work will be
based upon RFC 2222 and draft-myers-saslrev.

This group will deliver revised Technical Specifications suitable for
consideration as Draft Standards for the following SASL mechanisms:
ANONYMOUS, PLAIN, CRAM-MD5, DIGEST-MD5, and EXTERNAL. This work will
be based upon RFC 2195, RFC 2222, RFC 2831, draft-zeilenga-sasl-anon,
draft-zeilenga-sasl-plain, draft-nerenberg-sasl-crammd5 and
draft-melnikov-rfc2831bis, and draft-myers-saslrev-xx.txt.

This group will deliver a revised Technical Specification suitable for
publication as Proposed Standard for the GSSAPI family of SASL
mechanisms. This work will be based upon RFC 2222 and
draft-ietf-cat-sasl-gssapi.

The following areas are not within the scope of work of this WG:

- new features,

- SASL Mechanisms not specifically mentioned above, and

- SASL "profiles".

However, the SASL WG is an acceptable forum for review of SASL-related
submissions produced by others as long as such review does not impede
progress on the WG objectives listed above.

 Goals and Milestones:

   Done         Submit revised SASL (+ EXTERNAL) I-D 

   Done         Submit revised SASL ANONYMOUS I-D 

   Done         Submit revised SASL PLAIN I-D 

   Done         Submit revised SASL CRAM-MD5 I-D 

   Done         Submit revised SASL DIGEST-MD5 I-D 

   Done         Submit revised SASL GSSAPI I-D 

   Done         Submit SASL (+ EXTERNAL) to the IESG for consideration as a 
                Proposed Standard 

   Done         Submit GSSAPI to IESG for consideration as a Proposed Standard 

   Sep 2006       Submit GS2 to IESG for consideration as a Proposed Standard 

   Sep 2006       Submit CRAM-MD5 to IESG for consideration as a Proposed 
                Standard 

   Oct 2006       Submit DIGEST-MD5 to IESG for consideration as a Proposed 
                Standard 

   Oct 2006       Provide implementation report plan (with milestones) 

   Nov 2006       Revise charter or conclude 


 Internet-Drafts:

Posted Revised         I-D Title   <Filename>
------ ------- --------------------------------------------
Feb 2006 Jul 2008   <draft-ietf-sasl-gs2-10.txt>
                Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family 

 Request For Comments:

  RFC   Stat Published     Title
------- -- ----------- ------------------------------------
RFC4013Standard  Mar 2005    SASLprep: Stringprep profile for user names and 
                       passwords 

RFC4422 PS   Jun 2006    Simple Authentication and Security Layer (SASL) 

RFC4505 PS   Jun 2006    Anonymous Simple Authentication and Security Layer 
                       (SASL) Mechanism 

RFC4616 PS   Aug 2006    The PLAIN Simple Authentication and Security Layer 
                       (SASL) Mechanism 

RFC4752 PS   Nov 2006    The Kerberos V5 (