RFC 3163 (rfc3163) - Page 1 of 17

ISO/IEC 9798-3 Authentication SASL Mechanism

Network Working Group                                      R. Zuccherato
Request for Comments: 3163                          Entrust Technologies
Category: Experimental                                        M. Nystrom
                                                            RSA Security
                                                             August 2001


              ISO/IEC 9798-3 Authentication SASL Mechanism

Status of this Memo

   This memo defines an Experimental Protocol for the Internet
   community.  It does not specify an Internet standard of any kind.
   Discussion and suggestions for improvement are requested.
   Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2001).  All Rights Reserved.

IESG Note

   It is the opinion of the Security Area Directors that this document
   defines a mechanism to use a complex system (namely PKI certificates)
   for authentication, but then intentionally discards the key benefits
   (namely integrity on each transmission).  Put another way, it has all
   of the pain of implementing a PKI and none of the benefits.  We
   should not support it in use in Internet protocols.

   The same effect, with the benefits of PKI, can be had by using
   TLS/SSL, an existing already standards track protocol.

Abstract

   This document defines a SASL (Simple Authentication and Security
   Layer) authentication mechanism based on ISO/IEC 9798-3 and FIPS PUB
   196 entity authentication.














Zuccherato & Nystrom          Experimental