The One-Time-Password SASL Mechanism (RFC2444)
Original Publication Date: 1998-Oct-01
Included in the Prior Art Database: 2000-Sep-13
Internet Society Requests For Comment (RFCs)
OTP [OTP] provides a useful authentication mechanism for situations where there is limited client or server trust. Currently, OTP is added to protocols in an ad-hoc fashion with heuristic parsing. This specification defines an OTP SASL [SASL] mechanism so it can be easily and formally integrated into many application protocols.
Network Working Group C. Newman
Request for Comments: 2444 Innosoft
Updates: 2222 October 1998
Category: Standards Track
The One-Time-Password SASL Mechanism
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright (C) The Internet Society (1998). All Rights Reserved.
OTP [OTP] provides a useful authentication mechanism for situations
where there is limited client or server trust. Currently, OTP is
added to protocols in an ad-hoc fashion with heuristic parsing. This
specification defines an OTP SASL [SASL] mechanism so it can be
easily and formally integrated into many application protocols.
1. How to Read This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT",
"RECOMMENDED" and "MAY" in this document are to be interpreted as
defined in "Key words for use in RFCs to Indicate Requirement Levels"
This memo assumes the reader is familiar with OTP [OTP], OTP extended
responses [OTP-EXT] and SASL [SASL].
2. Intended Use
The OTP SASL mechanism replaces the SKEY SASL mechanism [SASL]. OTP
is a good choice for usage scenarios where the client is untrusted
(e.g., a kiosk client), as a one-time password will only give the
client a single opportunity to act on behalf of the user. OTP is
also a good choice for situations where interactive logins are
permitted to the server, as a compromised OTP authentication database
is only subject to dictionary attacks, unlike authentication
databases for other simple mechanisms such as CRAM-MD5 [CRAM-MD5].
It is important to note that each use of the OTP mechanism causes the
authentication database entry for a user to be updated.
This SASL mechanism provides a formal way to integrate OTP into
SASL-enabled protocols including IMAP [IMAP4], ACAP [ACAP], POP3
[POP-AUTH] and LDAPv3 [LDAPv3].
3. Profiling OTP for SASL
OTP [OTP] and OTP extended responses [OTP-EXT] offer a number of
options. However, for authentication to succeed, the client and
server need compatible option sets. This specification defines a
single SASL mechanism: OTP. The following rules apply to this
o The extended response syntax MUST be used.
o Servers MUST support the following four OTP extended responses:
"hex", "word", "init-hex" and "init-word". Servers MUST support
the "word" and "init-word" responses for the standard dictionary
and SHOULD support alternate dictionaries. Servers MUST NOT
require use of any additional OTP extension...