SASL is the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols.
To use SASL, a protocol includes a command for identifying and authenticating a user to a server and for optionally negotiating protection of subsequent protocol interactions.
If its use is negotiated, a security layer is inserted between the protocol and the connection.
