Overview #

Quality of Protection (QoP) is a property of certain SASL mechanisms (especially the DIGEST-MD5 and GSSAPI mechanisms) that can be used to protect the communication between the client and the server.

There are three different QoP levels:

  • auth -- This indicates that the associated SASL mechanism should only be used to authenticate the client connection. It should not provide any other protection for the client-server communication
  • auth-int -- This indicates that the associated SASL mechanism should be used for authentication, and then should also provide integrity protection for the communication between the client and server. Integrity protection will not prevent third-party observers from understanding the communication, but it will ensure that a man-in-the-middle is unable to alter that communication in an undetectable manner
  • auth-conf -- This indicates that the associated SASL mechanism should be used for authentication, and then should also provide integrity and confidentiality protection for the communication between the client and the server. This will ensure that third-party observers will be unable to understand the communication

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-6) was last changed on 16-Sep-2012 12:13 by jim