The PLAIN Simple Authentication and Security Layer (SASL) Mechanism
RFC 4616

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>, 
    sasl mailing list <ietf-sasl@imc.org>, 
    sasl chair <sasl-chairs@tools.ietf.org>
Subject: Protocol Action: 'The PLAIN SASL Mechanism' to Proposed 
         Standard 

The IESG has approved the following document:

- 'The PLAIN SASL Mechanism '
   <draft-ietf-sasl-plain-10.txt> as a Proposed Standard

This document is the product of the Simple Authentication and Security 
Layer Working Group. 

The IESG contact persons are Sam Hartman and Tim Polk.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-sasl-plain-10.txt

Technical Summary
 

 This document defines a simple clear-text user/password Simple
 Authentication and Security Layer (SASL) mechanism called the PLAIN
 mechanism.  The PLAIN mechanism is intended to be used, in combination
 with data confidentiality services provided by a lower layer, in
 protocols which lack a simple password authentication command. This document
updates RFC 2595.
 
Working Group Summary
 
 The working group came to rough consensus on this document.  There
 was some debate about how stringprep's desire to avoid comparison of
 two strings both involving unassigned codepoints interacts with
 situations where one string is transported by an IETF-controlled
 protocol like this mechanism and the other string is the providence of
 an implementation-specific protocol with broader applicability than
 this specification.

 
Protocol Quality
 
 This specification has been reviewed by Sam Hartman for the IESG.

RFC Editor Note
 
  In section 1

old:
  Clear-text, multiple-use passwords are simple, interoperate with
  almost all existing operating system authentication databases, and are
  useful for a smooth transition to a more secure password-based
  authentication mechanism. The drawback is that they are unacceptable
  for use over network connection where data confidentiality is not
  assured (by encryption or other means).

  new (removing parenthetical):

  Clear-text, multiple-use passwords are simple, interoperate with
  almost all existing operating system authentication databases, and are
  useful for a smooth transition to a more secure password-based
  authentication mechanism. The drawback is that they are unacceptable
  for use over network connection where data confidentiality is not
  assured.