Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

The Hashed Token SASL Mechanism
draft-schmaus-kitten-sasl-ht-09

Versions:

This document is an Internet-Draft (I-D). Anyone may submit an I-D to the IETF. This I-D is not endorsed by the IETF and has no formal standing in the IETF standards process.

The information below is for an old version of the document.

Document	Type	This is an older version of an Internet-Draft whose latest revision state is "Replaced". Expired & archived
	Authors	Florian Schmaus , Christoph Egger
	Last updated	2023-05-10 (Latest revision 2022-11-06)
	Replaced by	draft-ietf-kitten-sasl-ht
	RFC stream	(None)
	Formats	txt html xml htmlized bibtex bibxml
Stream	Stream state	(No stream defined)
	Consensus boilerplate	Unknown
	RFC Editor Note	(None)
IESG	IESG state	Expired
	Telechat date	(None)
	Responsible AD	(None)
	Send notices to	(None)

Email authors IPR References Referenced by Nits Search email archive

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

txt html xml htmlized bibtex bibxml

Abstract

This document specifies the family of Hashed Token SASL mechanisms which enable a proof-of-possession-based authentication scheme and are meant to be used for quick re-authentication of a previous session. The Hashed Token SASL mechanism's authentication sequence consists of only one round-trip. The usage of short-lived, exclusively ephemeral hashed tokens is achieving the single round- trip property. The SASL mechanism specified herin further provides hash agility, mutual authentication and support for channel binding.

Authors

Florian Schmaus
Christoph Egger

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)

The Hashed Token SASL Mechanism draft-schmaus-kitten-sasl-ht-09

The Hashed Token SASL Mechanism
draft-schmaus-kitten-sasl-ht-09