Using Digest Authentication as a SASL Mechanism
RFC 2831

Type: RFC - Historic (May 2000; No errata)
Obsoleted by: RFC 6331
Was: draft-leach-digest-sasl (individual)
Authors: Paul Leach, Chris Newman
Last updated: 2013-03-02
Stream: Legacy stream
IESG state: RFC 2831 (Historic)
Network Working Group                                           P. Leach
Request for Comments: 2831                                     Microsoft
Category: Standards Track                                      C. Newman
                                                                Innosoft
                                                                May 2000

              Using Digest Authentication as a SASL Mechanism

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2000).  All Rights Reserved.

Abstract

   This specification defines how HTTP Digest Authentication [Digest]
   can be used as a SASL [RFC 2222] mechanism for any protocol that has
   a SASL profile.  It is intended both as an improvement over CRAM-MD5
   [RFC 2195] and as a convenient way to support a single authentication
   mechanism for web, mail, LDAP, and other protocols.

Table of Contents

   1 INTRODUCTION
     1.1 CONVENTIONS AND NOTATION
     1.2 REQUIREMENTS
   2 AUTHENTICATION
     2.1 INITIAL AUTHENTICATION
       2.1.1 Step One
       2.1.2 Step Two
       2.1.3 Step Three
     2.2 SUBSEQUENT AUTHENTICATION
       2.2.1 Step One
       2.2.2 Step Two
     2.3 INTEGRITY PROTECTION
     2.4 CONFIDENTIALITY PROTECTION
   3 SECURITY CONSIDERATIONS
     3.1 AUTHENTICATION OF CLIENTS USING DIGEST AUTHENTICATION
     3.2 COMPARISON OF DIGEST WITH PLAINTEXT PASSWORDS
     3.3 REPLAY ATTACKS
     3.4 ONLINE DICTIONARY ATTACKS
     3.5 OFFLINE DICTIONARY ATTACKS
     3.6 MAN IN THE MIDDLE
     3.7 CHOSEN PLAINTEXT ATTACKS
     3.8 SPOOFING BY COUNTERFEIT SERVERS
     3.9 STORING PASSWORDS
     3.10 MULTIPLE REALMS
     3.11 SUMMARY
   4 EXAMPLE
   5 REFERENCES
   6 AUTHORS' ADDRESSES
   7 ABNF
     7.1 AUGMENTED BNF
     7.2 BASIC RULES
   8 SAMPLE CODE
   9 FULL COPYRIGHT STATEMENT

1 Introduction

   This specification describes the use of HTTP Digest Access
   Authentication as a SASL mechanism.  The authentication type
   associated with the Digest SASL mechanism is "DIGEST-MD5".

   This specification is intended to be upward compatible with the
   "md5-sess" algorithm of HTTP/1.1 Digest Access Authentication
   specified in [Digest].  The only difference in the "md5-sess"
   algorithm is that some directives not needed in a SASL mechanism have
   had their values defaulted.

   There is one new feature for use as a SASL mechanism: integrity
   protection on application protocol messages after an authentication
   exchange.

   Also, compared to CRAM-MD5, DIGEST-MD5 prevents chosen plaintext
   attacks, and permits the use of third party authentication servers,
   mutual authentication, and optimized reauthentication if a client has
   recently authenticated to a server.

1.1 Conventions and Notation

   This specification uses the same ABNF notation and lexical
   conventions as HTTP/1.1 specification; see appendix A.

   Let { a, b, ... } be the concatenation of the octet strings a, b, ...

   Let H(s) be the 16 octet MD5 hash [RFC 1321] of the octet string s.
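   The concatenation and H() notation above is all that the response
   computation in the rest of the RFC is built from.  The Python below is
   an added example, not the RFC's text or its section 8 sample code: it
   implements A1, A2, KD and HEX as the body of RFC 2831 (section 2.1.2,
   not reproduced on this page) specifies them, derives both the client's
   response-value and the server's rspauth-value, and feeds in the inputs
   of the worked exchange in section 4 of the RFC (user "chris", realm
   "elwood.innosoft.com", password "secret", an IMAP digest-uri).  All
   function names are this example's own; the RFC's notation is used
   only for H, KD and HEX.

```python
"""DIGEST-MD5 response-value and rspauth-value computation (RFC 2831)."""
import hashlib
import hmac


def H(s: bytes) -> bytes:
    """H(s): the 16-octet MD5 hash of the octet string s (RFC 2831, section 1.1)."""
    return hashlib.md5(s).digest()


def KD(k: bytes, s: bytes) -> bytes:
    """KD(k, s) = H({k, ":", s})."""
    return H(k + b":" + s)


def HEX(n: bytes) -> bytes:
    """HEX(n): the 16 octets of n as 32 lower-case hex digits."""
    return n.hex().encode("ascii")


def stored_secret(username: bytes, realm: bytes, password: bytes) -> bytes:
    """H({username, ":", realm, ":", password}).

    This is all a verifier has to keep per user; once it exists the
    password itself is never needed again (the point of section 3.9).
    """
    return H(username + b":" + realm + b":" + password)


def _a1(secret: bytes, nonce: bytes, cnonce: bytes, authzid: bytes) -> bytes:
    # md5-sess A1.  The raw 16 octets of H(username:realm:password) are
    # concatenated here, not their hex form.
    a1 = secret + b":" + nonce + b":" + cnonce
    if authzid:
        a1 += b":" + authzid
    return a1


def _a2(method: bytes, digest_uri: bytes, qop: bytes) -> bytes:
    # The client's A2 begins with "AUTHENTICATE:"; the server's rspauth A2
    # begins with ":" alone, so a server cannot prove itself by echoing
    # the client's own value back.
    a2 = method + b":" + digest_uri
    if qop in (b"auth-int", b"auth-conf"):
        a2 += b":" + b"0" * 32  # 32 fixed zeros: SASL has no entity body to hash
    return a2


def _digest(secret, nonce, nc, cnonce, qop, digest_uri, authzid, method) -> bytes:
    a1 = _a1(secret, nonce, cnonce, authzid)
    a2 = _a2(method, digest_uri, qop)
    return HEX(KD(HEX(H(a1)), b":".join((nonce, nc, cnonce, qop, HEX(H(a2))))))


def client_response(secret, nonce, nc, cnonce, qop, digest_uri, authzid=b"") -> bytes:
    """response-value the client sends in step two of the exchange."""
    return _digest(secret, nonce, nc, cnonce, qop, digest_uri, authzid, b"AUTHENTICATE")


def server_rspauth(secret, nonce, nc, cnonce, qop, digest_uri, authzid=b"") -> bytes:
    """rspauth-value the server returns in step three (mutual authentication)."""
    return _digest(secret, nonce, nc, cnonce, qop, digest_uri, authzid, b"")


def verify_client(secret, nonce, nc, cnonce, qop, digest_uri, response, authzid=b"") -> bool:
    """Server-side check of a received response-value, in constant time."""
    expected = client_response(secret, nonce, nc, cnonce, qop, digest_uri, authzid)
    return hmac.compare_digest(expected, response)


# Inputs of the worked exchange in section 4 of RFC 2831 (nonce chosen by
# the server, cnonce and nc by the client, digest-uri for IMAP).
RFC_EXAMPLE = dict(
    nonce=b"OA6MG9tEQGm2hh",
    nc=b"00000001",
    cnonce=b"OA6MHXh6VqTrRk",
    qop=b"auth",
    digest_uri=b"imap/elwood.innosoft.com",
)


def run_rfc_example():
    """Return (response-value, rspauth-value, verified) for the RFC's exchange."""
    secret = stored_secret(b"chris", b"elwood.innosoft.com", b"secret")
    response = client_response(secret, **RFC_EXAMPLE)
    ok = verify_client(secret, response=response, **RFC_EXAMPLE)
    rspauth = server_rspauth(secret, **RFC_EXAMPLE)
    return response, rspauth, ok


if __name__ == "__main__":
    resp, rsp, ok = run_rfc_example()
    print("response =", resp.decode(), "rspauth =", rsp.decode(), "verified =", ok)
```

   Two details are worth checking against any implementation you audit:
   A1 concatenates the raw 16 octets of H(username:realm:password), not
   their hex encoding, and the server's rspauth uses an A2 without the
   "AUTHENTICATE" prefix.  Getting either wrong produces values that the
   RFC's section 4 exchange will not reproduce.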