Simple Authentication and Security Layer

Simple authentication and security layer (SASL) is a framework that is used by various protocols to authenticate to the Internet. It was defined as RFC 2222 in October 1997, which was replaced by RFC 4422 in June 2006.

SASL thus provides the application protocol with a standardized way of negotiating communication parameters. As a rule, only one authentication method is negotiated, but it can also be agreed that first an encrypted transport protocol, such as, for example, TLS, is changed. The SASL implementations on the client and server side agree on one method, and this can then be used transparently by the application. This standard significantly simplifies the development of secure application protocols. The developer simply needs to use an existing SASL implementation instead of implementing a complete authentication and data encryption process.

SASL is used for SMTP, IMAP, POP3, LDAP, and XMPP, among other things. SASL Authentication mechanismsChange source text

The standardized mechanisms are listed at IANA (see Weblinks). Below is a list of the best known mechanisms: Edit source text Weblinks Edit sourcetext SASL Working Group SASL mechanisms libraries

wiki