Using Digest Authentication as a SASL Mechanism
RFC 2831

Document Type RFC - Historic (May 2000; No errata)
Obsoleted by RFC 6331
Was draft-leach-digest-sasl (individual)
Last updated 2013-03-02
Stream Legacy
Formats plain text html pdf htmlized bibtex
Stream Legacy state (None)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state RFC 2831 (Historic)
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                           P. Leach
Request for Comments: 2831                                     Microsoft
Category: Standards Track                                      C. Newman
                                                                Innosoft
                                                                May 2000

            Using Digest Authentication as a SASL Mechanism

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2000).  All Rights Reserved.

Abstract

   This specification defines how HTTP Digest Authentication [Digest]
   can be used as a SASL [RFC 2222] mechanism for any protocol that has
   a SASL profile. It is intended both as an improvement over CRAM-MD5
   [RFC 2195] and as a convenient way to support a single authentication
   mechanism for web, mail, LDAP, and other protocols.

Table of Contents

   1 INTRODUCTION.....................................................2
    1.1 CONVENTIONS AND NOTATION......................................2
    1.2 REQUIREMENTS..................................................3
   2 AUTHENTICATION...................................................3
    2.1 INITIAL AUTHENTICATION........................................3
     2.1.1 Step One...................................................3
     2.1.2 Step Two...................................................6
     2.1.3 Step Three................................................12
    2.2 SUBSEQUENT AUTHENTICATION....................................12
     2.2.1 Step one..................................................13
     2.2.2 Step Two..................................................13
    2.3 INTEGRITY PROTECTION.........................................13
    2.4 CONFIDENTIALITY PROTECTION...................................14
   3 SECURITY CONSIDERATIONS.........................................15
    3.1 AUTHENTICATION OF CLIENTS USING DIGEST AUTHENTICATION........15
    3.2 COMPARISON OF DIGEST WITH PLAINTEXT PASSWORDS................16
    3.3 REPLAY ATTACKS...............................................16

Leach & Newman              Standards Track                     [Page 1]
RFC 2831                 Digest SASL Mechanism                  May 2000

    3.4 ONLINE DICTIONARY ATTACKS....................................16
    3.5 OFFLINE DICTIONARY ATTACKS...................................16
    3.6 MAN IN THE MIDDLE............................................17
    3.7 CHOSEN PLAINTEXT ATTACKS.....................................17
    3.8 SPOOFING BY COUNTERFEIT SERVERS..............................17
    3.9 STORING PASSWORDS............................................17
    3.10 MULTIPLE REALMS.............................................18
    3.11 SUMMARY.....................................................18
   4 EXAMPLE.........................................................18
   5 REFERENCES......................................................20
   6 AUTHORS' ADDRESSES..............................................21
   7 ABNF............................................................21
    7.1 AUGMENTED BNF................................................21
    7.2 BASIC RULES..................................................23
   8 SAMPLE CODE.....................................................25
   9 FULL COPYRIGHT STATEMENT........................................27

1  Introduction

   This specification describes the use of HTTP Digest Access
   Authentication as a SASL mechanism. The authentication type
   associated with the Digest SASL mechanism is "DIGEST-MD5".

   This specification is intended to be upward compatible with the
   "md5-sess" algorithm of HTTP/1.1 Digest Access Authentication
   specified in [Digest]. The only difference in the "md5-sess"
   algorithm is that some directives not needed in a SASL mechanism have
   had their values defaulted.

   There is one new feature for use as a SASL mechanism: integrity
   protection on application protocol messages after an authentication
   exchange.

   Also, compared to CRAM-MD5, DIGEST-MD5 prevents chosen plaintext
   attacks, and permits the use of third party authentication servers,
   mutual authentication, and optimized reauthentication if a client has
   recently authenticated to a server.

1.1  Conventions and Notation

   This specification uses the same ABNF notation and lexical
   conventions as HTTP/1.1 specification; see appendix A.

   Let { a, b, ... } be the concatenation of the octet strings a, b, ...

   Let H(s) be the 16 octet MD5 hash [RFC 1321] of the octet string s.
Show full document text