A Simple Authentication and Security Layer (SASL) and Generic Security Service Application Program Interface (GSS-API) Mechanism for OpenID

OpenID has found its usage on the Internet for Web Single Sign-On. Simple Authentication and Security Layer (SASL) and the Generic Security Service Application Program Interface (GSS-API) are application frameworks to generalize authentication. This memo specifies a SASL and GSS-API mechanism for OpenID that allows the integration of existing OpenID Identity Providers with applications using SASL and GSS-API. [STANDARDS-TRACK]

[1]  Peter Saint-Andre,et al.  Extensible Messaging and Presence Protocol (XMPP): Core , 2004, RFC.

[2]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2002, RFC.

[3]  Arnt Gulbrandsen,et al.  IMAP Extension for Simple Authentication and Security Layer (SASL) Initial Client Response , 2007, RFC.

[4]  Donald E. Eastlake,et al.  Reserved Top Level DNS Names , 1999, RFC.

[5]  Roy T. Fielding,et al.  Hypertext Transfer Protocol - HTTP/1.1 , 1997, RFC.

[6]  David Cooper,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2008, RFC.

[7]  Nicolas Williams Extended Generic Security Service Mechanism Inquiry APIs , 2009, RFC.

[8]  Alexey Melnikov,et al.  Simple Authentication and Security Layer (SASL) , 2006, RFC.

[9]  Marshall T. Rose,et al.  Post Office Protocol: Version 3 , 1988, RFC.

[10]  Marshall T. Rose,et al.  Post Office Protocol - Version 3 , 1988, RFC.

[11]  Roy T. Fielding,et al.  Uniform Resource Identifiers (URI): Generic Syntax , 1998, RFC.

[12]  John Linn,et al.  Generic Security Service Application Program Interface Version 2, Update 1 , 2000, RFC.

[13]  Peter Davis,et al.  Extensible Resource Identifier (XRI) , 2005 .

[14]  Roy T. Fielding,et al.  Uniform Resource Identifier (URI): Generic Syntax , 2005, RFC.

[15]  Dave Crocker,et al.  Augmented BNF for Syntax Specifications: ABNF , 1997, RFC.

[16]  Mark R. Crispin Internet Message Access Protocol - Version 4rev1 , 1996, RFC.

[17]  Tim Dierks,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008 .

[18]  Scott O. Bradner,et al.  Key words for use in RFCs to Indicate Requirement Levels , 1997, RFC.

[19]  Simon Josefsson,et al.  Using Generic Security Service Application Program Interface (GSS-API) Mechanisms in Simple Authentication and Security Layer (SASL): The GS2 Mechanism Family , 2010, RFC.

[20]  Martin J. Dürst,et al.  Internationalized Resource Identifiers (IRIs) , 2005, RFC.

[21]  Jeff Hodges,et al.  Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS) , 2011, RFC.