Re: NULL_ ciphersuite meets ftps

> >> Speaking as a potential implementor, the approach in the ftp-ssl draft
> >> gets my vote on time to market and on how readily it can be implemented
> >> correctly and interoperably.
> ftpsec-09 current has four organizations (that I know of, there are
> probably mode) implementing using kerberos or gssapi.  Three of these
> implementations are independent.  With a few exceptions which recent
> version of the draft address, they interoperate.

However, that proposal doesn't address TLS, and the TLS-enabled
proposal is far simpler.  I see your point re Kerberized FTP;
I expect you see mine re SSL-ized FTP, which can also address
Kerberization through the proposed Kerberos flavors of TLS.

It does make sense to me to have a single FTPS protocol, but I do
feel that it's strikingly easier to do that by layering over SSL/TLS
than by requiring the complexities of the cat-ftpsec approach.

- Dave

Received on Monday, 10 February 1997 15:35:29 UTC