- From: David Brownell - JavaSoft <David.Brownell@Eng.Sun.COM>
- Date: Mon, 10 Feb 1997 12:36:08 -0800
- To: marc@cygnus.com
- Cc: ietf-tls@w3.org, pfh@uk.ibm.com
> >> Speaking as a potential implementor, the approach in the ftp-ssl draft > >> gets my vote on time to market and on how readily it can be implemented > >> correctly and interoperably. > > ftpsec-09 current has four organizations (that I know of, there are > probably mode) implementing using kerberos or gssapi. Three of these > implementations are independent. With a few exceptions which recent > version of the draft address, they interoperate. However, that proposal doesn't address TLS, and the TLS-enabled proposal is far simpler. I see your point re Kerberized FTP; I expect you see mine re SSL-ized FTP, which can also address Kerberization through the proposed Kerberos flavors of TLS. It does make sense to me to have a single FTPS protocol, but I do feel that it's strikingly easier to do that by layering over SSL/TLS than by requiring the complexities of the cat-ftpsec approach. - Dave
Received on Monday, 10 February 1997 15:35:29 UTC