I-D ACTION:draft-murray-auth-ftp-ssl-04.txt
Internet-Drafts@ietf.org Wed, 02 September 1998 14:55 UTC
Received: (from adm@localhost) by ietf.org (8.8.5/8.8.7a) id KAA26164 for ietf-123-outbound.10@ietf.org; Wed, 2 Sep 1998 10:55:03 -0400 (EDT)
Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.8.5/8.8.7a) with ESMTP id KAA25462 for <all-ietf@ietf.org>; Wed, 2 Sep 1998 10:33:45 -0400 (EDT)
Message-Id: <199809021433.KAA25462@ietf.org>
Mime-Version: 1.0
Content-Type: Multipart/Mixed; Boundary="NextPart"
To: IETF-Announce:;
From: Internet-Drafts@ietf.org
Reply-to: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-murray-auth-ftp-ssl-04.txt
Date: Wed, 02 Sep 1998 10:33:45 -0400
Sender: cclark@ns.cnri.reston.va.us
A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : Securing FTP with TLS Author(s) : M. Carpenter, P. Ford-Hutchinson, T. Hudson, E. Murray Filename : draft-murray-auth-ftp-ssl-04.txt Pages : 26 Date : 01-Sep-98 This document describes a mechanism that can be used by FTP clients and servers to implement security and authentication using the TLS protocol defined by the IETF TLS working group and the extensions to the FTP protocol defined by the IETF CAT working group. It describes the subset of the extensions that are required and the parameters to be used; discusses some of the policy issues that clients and servers will need to take; considers some of the implications of those policies and discusses some expected behaviours of implementations to allow interoperation. TLS is not the only mechanism for securing file transfer, however it does offer some of the following positive attributes:- - Flexible security levels. TLS can support privacy, integrity, authentication or some combination of all of these. This allows clients and servers to dynamically, during a session, decide on the level of security required for a particular data transfer, - Formalised public key management. By use of X.509 public certificates during the authentication phase, certificate management can be built into a central function. Whilst this may not be desirable for all uses of secured file transfer, it offers advantages in certain structured environments such as access to corporate data sources. - Co-existence and interoperation with authentication mechanisms that are already in place for the HTTPS protocol. This allows web browsers to incorporate secure file transfer using the same infrastructure that has been set up to allow secure web browsing. The TLS protocol is a development of the Netscape Communication Corporation's SSL protocol and this document can be used to allow the FTP protocol to be used with either SSL or TLS. The actual protocol used will be decided by the negotiation of the protected session by the TLS/SSL layer. Note that this specification is in accordance with the FTP RFC and relies on the TLS protocol and the CAT FTP security extensions. Internet-Drafts are available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-murray-auth-ftp-ssl-04.txt". A URL for the Internet-Draft is: ftp://ftp.ietf.org/internet-drafts/draft-murray-auth-ftp-ssl-04.txt Internet-Drafts directories are located at: Africa: ftp.is.co.za Europe: ftp.nordu.net ftp.nis.garr.it Pacific Rim: munnari.oz.au US East Coast: ftp.ietf.org US West Coast: ftp.isi.edu Internet-Drafts are also available by mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-murray-auth-ftp-ssl-04.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft.
- I-D ACTION:draft-murray-auth-ftp-ssl-04.txt Internet-Drafts