Simple Authentication and Security Layer (sasl)
-----------------------------------------------

 Charter
 Last Modified: 2006-08-16

 Current Status: Active Working Group

 Chair(s):
     Kurt Zeilenga  <kurt.zeilenga@isode.com>
     Tom Yu  <tlyu@mit.edu>

 Security Area Director(s):
     Tim Polk  <tim.polk@nist.gov>
     Sam Hartman  <hartmans-ietf@mit.edu>

 Security Area Advisor:
     Sam Hartman  <hartmans-ietf@mit.edu>

 Mailing Lists: 
     General Discussion:ietf-sasl@imc.org
     To Subscribe:      ietf-sasl-request@imc.org
         In Body:       subscribe
     Archive:           http://www.imc.org/ietf-sasl/mail-archive/

Description of Working Group:

This working group focuses on the application of the Session Initiation
Protocol (SIP, RFC 3261) to the suite of services collectively known as
instant messaging and presence (IMP). The IETF has committed to
producing an interoperable standard for these services compliant to
the requirements for IM outlined in RFC 2779 (including the security
and privacy requirements there) and in the Common Profile for Instant
Messaging (CPIM) specification, developed within the IMPP working
group. As the most common services for which SIP is used share quite a
bit in common with IMP, the adaptation of SIP to IMP seems a natural
choice given the widespread support for (and relative maturity of) the
SIP standard.
          
This group has completed the majority of its primary goals and will
focus on the remaining tasks documented here and concluding. Any
proposed new work will require a recharter.
          
The primary remaining work of this group will be to complete:
          
1. The MSRP proposed standard mechanism for transporting sessions of
messages initiated using the SIP, compliant to the requirments of RFC
2779, CPIM and BCP 41.
          
2. The XCAP framework for representing and carrying configuration and
policy information in SIMPLE systems.
          
3. A mechanism for representing partial changes (patches) to XML
documents and extensions to the SIMPLE publication and notification
mechanisms to convey these partial changes.
          
4. A mechanism for initiating and managing Instant Message group chat.
          
5. An annotated overview of the SIMPLE protocol definition documents.
          
Any SIP extensions proposed in the course of this development will,
after a last call process, be transferred to the SIP WG for
consideration as formal SIP extensions.
          
Any mechanisms created for managing Instant Message group chat are
intended to provide a bridge to the conferencing protocols that will
be defined in XCON. They will be limited in scope to address only
simple Instant Message chat with nicknames and will not attempt
to address complex conferencing concepts such as sidebars. Their
design must anticipate operating in conjunction with the conferencing
protocols XCON is working towards.
          
The working group will work within the framework for presence and IM
described in RFC 2778. The extensions it defines must also be
compliant with the SIP processes for extensions. The group cannot
modify baseline SIP behavior or define a new version of SIP for IM and
presence. If the group determines that any capabilities requiring an
extension to SIP are needed, the group will seek to define such
extensions within the SIP working group, and then use them here.

 Goals and Milestones:

   Done         Submit revised SASL (+ EXTERNAL) I-D 

   Done         Submit revised SASL ANONYMOUS I-D 

   Done         Submit revised SASL PLAIN I-D 

   Done         Submit revised SASL CRAM-MD5 I-D 

   Done         Submit revised SASL DIGEST-MD5 I-D 

   Done         Submit revised SASL GSSAPI I-D 

   Done         Submit SASL (+ EXTERNAL) to the IESG for consideration as a 
                Proposed Standard 

   Done         Submit GSSAPI to IESG for consideration as a Proposed Standard 

   Sep 2006       Submit GS2 to IESG for consideration as a Proposed Standard 

   Sep 2006       Submit CRAM-MD5 to IESG for consideration as a Proposed 
                Standard 

   Oct 2006       Submit DIGEST-MD5 to IESG for consideration as a Proposed 
                Standard 

   Oct 2006       Provide implementation report plan (with milestones) 

   Nov 2006       Revise charter or conclude 


 Internet-Drafts:

Posted Revised         I-D Title   <Filename>
------ ------- --------------------------------------------
Feb 2006 Oct 2007   <draft-ietf-sasl-gs2-09.txt>
                Using GSS-API Mechanisms in SASL: The GS2 Mechanism Family 

Sep 2007 Sep 2007   <draft-melnikov-digest-to-historic-00.txt>
                Moving DIGEST-MD5 to Historic 

 Request For Comments:

  RFC   Stat Published     Title
------- -- ----------- ------------------------------------
RFC4013Standard  Mar 2005    SASLprep: Stringprep profile for user names and 
                       passwords 

RFC4422 PS   Jun 2006    Simple Authentication and Security Layer (SASL) 

RFC4505 PS   Jun 2006    Anonymous Simple Authentication and Security Layer 
                       (SASL) Mechanism 

RFC4616 PS   Aug 2006    The PLAIN Simple Authentication and Security Layer 
                       (SASL) Mechanism 

RFC4752 PS   Nov 2006    The Kerberos V5 (