123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620 |
-
-
-
-
-
-
- Network Working Group K. Zeilenga, Ed.
- Request for Comments: 4616 OpenLDAP Foundation
- Updates: 2595 August 2006
- Category: Standards Track
-
-
- The PLAIN Simple Authentication and Security Layer (SASL) Mechanism
-
- Status of This Memo
-
- This document specifies an Internet standards track protocol for the
- Internet community, and requests discussion and suggestions for
- improvements. Please refer to the current edition of the "Internet
- Official Protocol Standards" (STD 1) for the standardization state
- and status of this protocol. Distribution of this memo is unlimited.
-
- Copyright Notice
-
- Copyright (C) The Internet Society (2006).
-
- Abstract
-
- This document defines a simple clear-text user/password Simple
- Authentication and Security Layer (SASL) mechanism called the PLAIN
- mechanism. The PLAIN mechanism is intended to be used, in
- combination with data confidentiality services provided by a lower
- layer, in protocols that lack a simple password authentication
- command.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- Zeilenga Standards Track [Page 1]
-
- RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- 1. Introduction
-
- Clear-text, multiple-use passwords are simple, interoperate with
- almost all existing operating system authentication databases, and
- are useful for a smooth transition to a more secure password-based
- authentication mechanism. The drawback is that they are unacceptable
- for use over network connections where data confidentiality is not
- ensured.
-
- This document defines the PLAIN Simple Authentication and Security
- Layer ([SASL]) mechanism for use in protocols with no clear-text
- login command (e.g., [ACAP] or [SMTP-AUTH]). This document updates
- RFC 2595, replacing Section 6. Changes since RFC 2595 are detailed
- in Appendix A.
-
- The name associated with this mechanism is "PLAIN".
-
- The PLAIN SASL mechanism does not provide a security layer.
-
- The PLAIN mechanism should not be used without adequate data security
- protection as this mechanism affords no integrity or confidentiality
- protections itself. The mechanism is intended to be used with data
- security protections provided by application-layer protocol,
- generally through its use of Transport Layer Security ([TLS])
- services.
-
- By default, implementations SHOULD advertise and make use of the
- PLAIN mechanism only when adequate data security services are in
- place. Specifications for IETF protocols that indicate that this
- mechanism is an applicable authentication mechanism MUST mandate that
- implementations support an strong data security service, such as TLS.
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [Keywords].
-
- 2. PLAIN SASL Mechanism
-
- The mechanism consists of a single message, a string of [UTF-8]
- encoded [Unicode] characters, from the client to the server. The
- client presents the authorization identity (identity to act as),
- followed by a NUL (U+0000) character, followed by the authentication
- identity (identity whose password will be used), followed by a NUL
- (U+0000) character, followed by the clear-text password. As with
- other SASL mechanisms, the client does not provide an authorization
- identity when it wishes the server to derive an identity from the
- credentials and use that as the authorization identity.
-
-
-
-
- Zeilenga Standards Track [Page 2]
-
- RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- The formal grammar for the client message using Augmented BNF [ABNF]
- follows.
-
- message = [authzid] UTF8NUL authcid UTF8NUL passwd
- authcid = 1*SAFE ; MUST accept up to 255 octets
- authzid = 1*SAFE ; MUST accept up to 255 octets
- passwd = 1*SAFE ; MUST accept up to 255 octets
- UTF8NUL = %x00 ; UTF-8 encoded NUL character
-
- SAFE = UTF1 / UTF2 / UTF3 / UTF4
- ;; any UTF-8 encoded Unicode character except NUL
-
- UTF1 = %x01-7F ;; except NUL
- UTF2 = %xC2-DF UTF0
- UTF3 = %xE0 %xA0-BF UTF0 / %xE1-EC 2(UTF0) /
- %xED %x80-9F UTF0 / %xEE-EF 2(UTF0)
- UTF4 = %xF0 %x90-BF 2(UTF0) / %xF1-F3 3(UTF0) /
- %xF4 %x80-8F 2(UTF0)
- UTF0 = %x80-BF
-
- The authorization identity (authzid), authentication identity
- (authcid), password (passwd), and NUL character deliminators SHALL be
- transferred as [UTF-8] encoded strings of [Unicode] characters. As
- the NUL (U+0000) character is used as a deliminator, the NUL (U+0000)
- character MUST NOT appear in authzid, authcid, or passwd productions.
-
- The form of the authzid production is specific to the application-
- level protocol's SASL profile [SASL]. The authcid and passwd
- productions are form-free. Use of non-visible characters or
- characters that a user may be unable to enter on some keyboards is
- discouraged.
-
- Servers MUST be capable of accepting authzid, authcid, and passwd
- productions up to and including 255 octets. It is noted that the
- UTF-8 encoding of a Unicode character may be as long as 4 octets.
-
- Upon receipt of the message, the server will verify the presented (in
- the message) authentication identity (authcid) and password (passwd)
- with the system authentication database, and it will verify that the
- authentication credentials permit the client to act as the (presented
- or derived) authorization identity (authzid). If both steps succeed,
- the user is authenticated.
-
- The presented authentication identity and password strings, as well
- as the database authentication identity and password strings, are to
- be prepared before being used in the verification process. The
- [SASLPrep] profile of the [StringPrep] algorithm is the RECOMMENDED
- preparation algorithm. The SASLprep preparation algorithm is
-
-
-
- Zeilenga Standards Track [Page 3]
-
- RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- recommended to improve the likelihood that comparisons behave in an
- expected manner. The SASLprep preparation algorithm is not mandatory
- so as to allow the server to employ other preparation algorithms
- (including none) when appropriate. For instance, use of a different
- preparation algorithm may be necessary for the server to interoperate
- with an external system.
-
- When preparing the presented strings using [SASLPrep], the presented
- strings are to be treated as "query" strings (Section 7 of
- [StringPrep]) and hence unassigned code points are allowed to appear
- in their prepared output. When preparing the database strings using
- [SASLPrep], the database strings are to be treated as "stored"
- strings (Section 7 of [StringPrep]) and hence unassigned code points
- are prohibited from appearing in their prepared output.
-
- Regardless of the preparation algorithm used, if the output of a
- non-invertible function (e.g., hash) of the expected string is
- stored, the string MUST be prepared before input to that function.
-
- Regardless of the preparation algorithm used, if preparation fails or
- results in an empty string, verification SHALL fail.
-
- When no authorization identity is provided, the server derives an
- authorization identity from the prepared representation of the
- provided authentication identity string. This ensures that the
- derivation of different representations of the authentication
- identity produces the same authorization identity.
-
- The server MAY use the credentials to initialize any new
- authentication database, such as one suitable for [CRAM-MD5] or
- [DIGEST-MD5].
-
- 3. Pseudo-Code
-
- This section provides pseudo-code illustrating the verification
- process (using hashed passwords and the SASLprep preparation
- function) discussed above. This section is not definitive.
-
- boolean Verify(string authzid, string authcid, string passwd) {
- string pAuthcid = SASLprep(authcid, true); # prepare authcid
- string pPasswd = SASLprep(passwd, true); # prepare passwd
- if (pAuthcid == NULL || pPasswd == NULL) {
- return false; # preparation failed
- }
- if (pAuthcid == "" || pPasswd == "") {
- return false; # empty prepared string
- }
-
-
-
-
- Zeilenga Standards Track [Page 4]
-
- RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- storedHash = FetchPasswordHash(pAuthcid);
- if (storedHash == NULL || storedHash == "") {
- return false; # error or unknown authcid
- }
-
- if (!Compare(storedHash, Hash(pPasswd))) {
- return false; # incorrect password
- }
-
- if (authzid == NULL ) {
- authzid = DeriveAuthzid(pAuthcid);
- if (authzid == NULL || authzid == "") {
- return false; # could not derive authzid
- }
- }
-
- if (!Authorize(pAuthcid, authzid)) {
- return false; # not authorized
- }
-
- return true;
- }
-
- The second parameter of the SASLprep function, when true, indicates
- that unassigned code points are allowed in the input. When the
- SASLprep function is called to prepare the password prior to
- computing the stored hash, the second parameter would be false.
-
- The second parameter provided to the Authorize function is not
- prepared by this code. The application-level SASL profile should be
- consulted to determine what, if any, preparation is necessary.
-
- Note that the DeriveAuthzid and Authorize functions (whether
- implemented as one function or two, whether designed in a manner in
- which these functions or whether the mechanism implementation can be
- reused elsewhere) require knowledge and understanding of mechanism
- and the application-level protocol specification and/or
- implementation details to implement.
-
- Note that the Authorize function outcome is clearly dependent on
- details of the local authorization model and policy. Both functions
- may be dependent on other factors as well.
-
-
-
-
-
-
-
-
-
- Zeilenga Standards Track [Page 5]
-
- RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- 4. Examples
-
- This section provides examples of PLAIN authentication exchanges.
- The examples are intended to help the readers understand the above
- text. The examples are not definitive.
-
- "C:" and "S:" indicate lines sent by the client and server,
- respectively. "<NUL>" represents a single NUL (U+0000) character.
- The Application Configuration Access Protocol ([ACAP]) is used in the
- examples.
-
- The first example shows how the PLAIN mechanism might be used for
- user authentication.
-
- S: * ACAP (SASL "CRAM-MD5") (STARTTLS)
- C: a001 STARTTLS
- S: a001 OK "Begin TLS negotiation now"
- <TLS negotiation, further commands are under TLS layer>
- S: * ACAP (SASL "CRAM-MD5" "PLAIN")
- C: a002 AUTHENTICATE "PLAIN"
- S: + ""
- C: {21}
- C: <NUL>tim<NUL>tanstaaftanstaaf
- S: a002 OK "Authenticated"
-
- The second example shows how the PLAIN mechanism might be used to
- attempt to assume the identity of another user. In this example, the
- server rejects the request. Also, this example makes use of the
- protocol optional initial response capability to eliminate a round-
- trip.
-
- S: * ACAP (SASL "CRAM-MD5") (STARTTLS)
- C: a001 STARTTLS
- S: a001 OK "Begin TLS negotiation now"
- <TLS negotiation, further commands are under TLS layer>
- S: * ACAP (SASL "CRAM-MD5" "PLAIN")
- C: a002 AUTHENTICATE "PLAIN" {20+}
- C: Ursel<NUL>Kurt<NUL>xipj3plmq
- S: a002 NO "Not authorized to requested authorization identity"
-
- 5. Security Considerations
-
- As the PLAIN mechanism itself provided no integrity or
- confidentiality protections, it should not be used without adequate
- external data security protection, such as TLS services provided by
- many application-layer protocols. By default, implementations SHOULD
- NOT advertise and SHOULD NOT make use of the PLAIN mechanism unless
- adequate data security services are in place.
-
-
-
- Zeilenga Standards Track [Page 6]
-
- RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- When the PLAIN mechanism is used, the server gains the ability to
- impersonate the user to all services with the same password
- regardless of any encryption provided by TLS or other confidentiality
- protection mechanisms. Whereas many other authentication mechanisms
- have similar weaknesses, stronger SASL mechanisms address this issue.
- Clients are encouraged to have an operational mode where all
- mechanisms that are likely to reveal the user's password to the
- server are disabled.
-
- General [SASL] security considerations apply to this mechanism.
-
- Unicode, [UTF-8], and [StringPrep] security considerations also
- apply.
-
- 6. IANA Considerations
-
- The SASL Mechanism registry [IANA-SASL] entry for the PLAIN mechanism
- has been updated by the IANA to reflect that this document now
- provides its technical specification.
-
- To: iana@iana.org
- Subject: Updated Registration of SASL mechanism PLAIN
-
- SASL mechanism name: PLAIN
- Security considerations: See RFC 4616.
- Published specification (optional, recommended): RFC 4616
- Person & email address to contact for further information:
- Kurt Zeilenga <kurt@openldap.org>
- IETF SASL WG <ietf-sasl@imc.org>
- Intended usage: COMMON
- Author/Change controller: IESG <iesg@ietf.org>
- Note: Updates existing entry for PLAIN
-
- 7. Acknowledgements
-
- This document is a revision of RFC 2595 by Chris Newman. Portions of
- the grammar defined in Section 2 were borrowed from [UTF-8] by
- Francois Yergeau.
-
- This document is a product of the IETF Simple Authentication and
- Security Layer (SASL) Working Group.
-
-
-
-
-
-
-
-
-
-
- Zeilenga Standards Track [Page 7]
-
- RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- 8. Normative References
-
- [ABNF] Crocker, D., Ed. and P. Overell, "Augmented BNF for
- Syntax Specifications: ABNF", RFC 4234, October 2005.
-
- [Keywords] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [SASL] Melnikov, A., Ed., and K. Zeilenga, Ed., "Simple
- Authentication and Security Layer (SASL)", RFC 4422,
- June 2006.
-
- [SASLPrep] Zeilenga, K., "SASLprep: Stringprep Profile for User
- Names and Passwords", RFC 4013, February 2005.
-
- [StringPrep] Hoffman, P. and M. Blanchet, "Preparation of
- Internationalized Strings ("stringprep")", RFC 3454,
- December 2002.
-
- [Unicode] The Unicode Consortium, "The Unicode Standard, Version
- 3.2.0" is defined by "The Unicode Standard, Version
- 3.0" (Reading, MA, Addison-Wesley, 2000. ISBN 0-201-
- 61633-5), as amended by the "Unicode Standard Annex
- #27: Unicode 3.1"
- (http://www.unicode.org/reports/tr27/) and by the
- "Unicode Standard Annex #28: Unicode 3.2"
- (http://www.unicode.org/reports/tr28/).
-
- [UTF-8] Yergeau, F., "UTF-8, a transformation format of ISO
- 10646", STD 63, RFC 3629, November 2003.
-
- [TLS] Dierks, T. and E. Rescorla, "The Transport Layer
- Security (TLS) Protocol Version 1.1", RFC 4346, April
- 2006.
-
- 9. Informative References
-
- [ACAP] Newman, C. and J. Myers, "ACAP -- Application
- Configuration Access Protocol", RFC 2244, November
- 1997.
-
- [CRAM-MD5] Nerenberg, L., Ed., "The CRAM-MD5 SASL Mechanism", Work
- in Progress, June 2006.
-
- [DIGEST-MD5] Melnikov, A., Ed., "Using Digest Authentication as a
- SASL Mechanism", Work in Progress, June 2006.
-
-
-
-
-
- Zeilenga Standards Track [Page 8]
-
- RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- [IANA-SASL] IANA, "SIMPLE AUTHENTICATION AND SECURITY LAYER (SASL)
- MECHANISMS",
- <http://www.iana.org/assignments/sasl-mechanisms>.
-
- [SMTP-AUTH] Myers, J., "SMTP Service Extension for Authentication",
- RFC 2554, March 1999.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- Zeilenga Standards Track [Page 9]
-
- RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- Appendix A. Changes since RFC 2595
-
- This appendix is non-normative.
-
- This document replaces Section 6 of RFC 2595.
-
- The specification details how the server is to compare client-
- provided character strings with stored character strings.
-
- The ABNF grammar was updated. In particular, the grammar now allows
- LINE FEED (U+000A) and CARRIAGE RETURN (U+000D) characters in the
- authzid, authcid, passwd productions. However, whether these control
- characters may be used depends on the string preparation rules
- applicable to the production. For passwd and authcid productions,
- control characters are prohibited. For authzid, one must consult the
- application-level SASL profile. This change allows PLAIN to carry
- all possible authorization identity strings allowed in SASL.
-
- Pseudo-code was added.
-
- The example section was expanded to illustrate more features of the
- PLAIN mechanism.
-
- Editor's Address
-
- Kurt D. Zeilenga
- OpenLDAP Foundation
-
- EMail: Kurt@OpenLDAP.org
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- Zeilenga Standards Track [Page 10]
-
- RFC 4616 The PLAIN SASL Mechanism August 2006
-
-
- Full Copyright Statement
-
- Copyright (C) The Internet Society (2006).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
- ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
- INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
- INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
- Intellectual Property
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
- Acknowledgement
-
- Funding for the RFC Editor function is provided by the IETF
- Administrative Support Activity (IASA).
-
-
-
-
-
-
-
- Zeilenga Standards Track [Page 11]
-
|