Simple Authentication and Security Layer (SASL)

Document Type Expired Internet-Draft (sasl WG)
Authors Alexey Melnikov  , Kurt Zeilenga 
Last updated 2009-04-14
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Expired & archived
plain text pdf htmlized bibtex
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The Simple Authentication and Security Layer (SASL) is a framework for providing authentication and data security services in connection-oriented protocols via replaceable mechanisms. It provides a structured interface between protocols and mechanisms. The resulting framework allows new protocols to reuse existing mechanisms and allows old protocols to make use of new mechanisms. The framework also provides a protocol for securing subsequent protocol exchanges within a data security layer. This document describes how a SASL mechanism is structured, describes how protocols include support for SASL, and defines the protocol for carrying a data security layer over a connection. In addition, this document defines one SASL mechanism, the EXTERNAL mechanism. This document obsoletes RFC 4422 [[when approved]].


Alexey Melnikov (
Kurt Zeilenga (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)