Re: NULL_ ciphersuite meets ftps

To: marc@cygnus.com
Subject: Re: NULL_ ciphersuite meets ftps
From: David.Brownell@Eng.Sun.COM (David Brownell - JavaSoft)
Date: Mon, 10 Feb 1997 12:36:08 -0800
Cc: ietf-tls@w3.org, pfh@uk.ibm.com
From ietf-tls-request@www10.w3.org Mon Feb 10 15: 35:29 1997
Message-Id: <199702102036.MAA24349@argon.eng.sun.com>
X-List-URL: http://lists.w3.org/Archives/Public/ietf-tls

> >> Speaking as a potential implementor, the approach in the ftp-ssl draft
> >> gets my vote on time to market and on how readily it can be implemented
> >> correctly and interoperably.
> 
> ftpsec-09 current has four organizations (that I know of, there are
> probably mode) implementing using kerberos or gssapi.  Three of these
> implementations are independent.  With a few exceptions which recent
> version of the draft address, they interoperate.

However, that proposal doesn't address TLS, and the TLS-enabled
proposal is far simpler.  I see your point re Kerberized FTP;
I expect you see mine re SSL-ized FTP, which can also address
Kerberization through the proposed Kerberos flavors of TLS.

It does make sense to me to have a single FTPS protocol, but I do
feel that it's strikingly easier to do that by layering over SSL/TLS
than by requiring the complexities of the cat-ftpsec approach.

- Dave

Follow-Ups:

Re: NULL_ ciphersuite meets ftps

From: Marc Horowitz <marc@cygnus.com>

Prev: IP Ports vs. Negotiation
Next: Simple TLS/SSL negotiation proposal
Index: Message index of ietf-tls@w3.org mailing list
Thread: Thread index of ietf-tls@w3.org mailing list