Talk:Simple Authentication and Security Layer
This is not a forum for general discussion of the subject of the article.
- Put new text under old text. Click here to start a new topic.
- New to Wikipedia? Welcome! Learn to edit; get help.
- Assume good faith
- Be polite and avoid personal attacks
- Be welcoming to newcomers
- Seek dispute resolution if needed
It is of interest to the following WikiProjects:
SASL Mechanism missing
[edit ]The SASL mechanism "LOGIN" (referenced in PLAIN) is missing. Anyone care to write about it? 201.213.16.47 15:43, 27 March 2007 (UTC) [reply ]
It would also be nice if SCRAM was mentioned. —Preceding unsigned comment added by 77.110.10.251 (talk) 20:29, 29 December 2010 (UTC) [reply ]
Details
[edit ]My edits to this page are based on a quick read of the RFCs/I-Ds rather than any prior familiarity with SASL. Anyone who's actually familiar with it as designed and/or deployed should feel free to edit.
The framework RFC implies that the separation between authentication and authorization identifiers might be a key aspect of this protocol, but I don't understand this well enough to write about it. Perhaps someone else could comment?
JTN 21:46, 2004 Nov 12 (UTC)
- How does the protocol work? Does it transmit passwords in the clear? A chart showing the position of the protocol in an abstraction layer scheme would also be helpful. -- Beland (talk) 20:39, 23 January 2008 (UTC) [reply ]
- SASL does define a method for cleartext passwords along with a number of other authentication mechanisms. I'd consider it an application layer mechanism; sort of a reusable component so that all applications don't need to reinvent the wheel when doing authentication.--82.130.34.32 (talk) 13:26, 12 August 2008 (UTC) [reply ]
XAM
[edit ]XAM is supporting / using SASL as well