I-D ACTION:draft-murray-auth-ftp-ssl-04.txt

Internet-Drafts@ietf.org Wed, 02 September 1998 14:55 UTC

Received: (from adm@localhost) by ietf.org (8.8.5/8.8.7a) id KAA26164 for ietf-123-outbound.10@ietf.org; Wed, 2 Sep 1998 10:55:03 -0400 (EDT)
Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.8.5/8.8.7a) with ESMTP id KAA25462 for <all-ietf@ietf.org>; Wed, 2 Sep 1998 10:33:45 -0400 (EDT)
Message-Id: <199809021433.KAA25462@ietf.org>
Mime-Version: 1.0
Content-Type: Multipart/Mixed; Boundary="NextPart"
To: IETF-Announce:;
From: Internet-Drafts@ietf.org
Reply-to: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-murray-auth-ftp-ssl-04.txt
Date: Wed, 02 Sep 1998 10:33:45 -0400
Sender: cclark@ns.cnri.reston.va.us

A New Internet-Draft is available from the on-line Internet-Drafts directories.


	Title		: Securing FTP with TLS
	Author(s)	: M. Carpenter, P. Ford-Hutchinson, T. Hudson, E. Murray
	Filename	: draft-murray-auth-ftp-ssl-04.txt
	Pages		: 26
	Date		: 01-Sep-98
	
   This document describes a mechanism that can be used by FTP clients
   and servers to implement security and authentication using the TLS
   protocol defined by the IETF TLS working group and the extensions to
   the FTP protocol defined by the IETF CAT working group.  It describes
   the subset of the extensions that are required and the parameters to
   be used; discusses some of the policy issues that clients and servers
   will need to take; considers some of the implications of those
   policies and discusses some expected behaviours of implementations to
   allow interoperation.
 
   TLS is not the only mechanism for securing file transfer, however it
   does offer some of the following positive attributes:-

      - Flexible security levels.  TLS can support privacy, integrity,
      authentication or some combination of all of these.  This allows
      clients and servers to dynamically, during a session, decide on
      the level of security required for a particular data transfer.
 
      - Formalised public key management.  By use of X.509 public
      certificates during the authentication phase, certificate
      management can be built into a central function.  Whilst this may
      not be desirable for all uses of secured file transfer, it offers
      advantages in certain structured environments such as access to
      corporate data sources.
 
      - Co-existence and interoperation with authentication mechanisms
      that are already in place for the HTTPS protocol.  This allows web
      browsers to incorporate secure file transfer using the same
      infrastructure that has been set up to allow secure web browsing.
 
   The TLS protocol is a development of the Netscape Communication
   Corporation's SSL protocol and this document can be used to allow the
   FTP protocol to be used with either SSL or TLS.  The actual protocol
   used will be decided by the negotiation of the protected session by
   the TLS/SSL layer.
 
   Note that this specification is in accordance with the FTP RFC and
   relies on the TLS protocol and the CAT FTP security extensions.

Internet-Drafts are available by anonymous FTP.  Login with the username
"anonymous" and a password of your e-mail address.  After logging in,
type "cd internet-drafts" and then
	"get draft-murray-auth-ftp-ssl-04.txt".
A URL for the Internet-Draft is:
ftp://ftp.ietf.org/internet-drafts/draft-murray-auth-ftp-ssl-04.txt

Internet-Drafts directories are located at:

	Africa:	ftp.is.co.za
	
	Europe: ftp.nordu.net
		ftp.nis.garr.it
			
	Pacific Rim: munnari.oz.au
	
	US East Coast: ftp.ietf.org
	
	US West Coast: ftp.isi.edu

Internet-Drafts are also available by mail.

Send a message to:	mailserv@ietf.org.  In the body type:
	"FILE /internet-drafts/draft-murray-auth-ftp-ssl-04.txt".
	
NOTE:	The mail server at ietf.org can return the document in
	MIME-encoded form by using the "mpack" utility.  To use this
	feature, insert the command "ENCODING mime" before the "FILE"
	command.  To decode the response(s), you will need "munpack" or
	a MIME-compliant mail reader.  Different MIME-compliant mail readers
	exhibit different behavior, especially when dealing with
	"multipart" MIME messages (i.e. documents which have been split
	up into multiple messages), so check your local documentation on
	how to manipulate these messages.
		
		
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
<ftp://ftp.ietf.org/internet-drafts/draft-murray-auth-ftp-ssl-04.txt>