IETF Logo Mail Archive

Re: Ftp-WG: Comments on FTP Security Extensions draft

William Curtin <curtinw@ftm.disa.mil> Fri, 18 April 1997 23:35 UTC

Received: from cnri by ietf.org id aa15834; 18 Apr 97 19:35 EDT
Received: from pad-thai.cam.ov.com by CNRI.Reston.VA.US id aa17499; 18 Apr 97 19:35 EDT
Received: (daemon@localhost) by pad-thai.cam.ov.com (8.8.5/) id <WAA21186@pad-thai.cam.ov.com>; Fri, 18 Apr 1997 22:05:52 GMT
Date: Fri, 18 Apr 1997 17:24:19 -0500
From: William Curtin <curtinw@ftm.disa.mil>
Message-Id: <9703188614.AA861411912@ftm.disa.mil>
To: cat-ietf@mit.edu, ftp-wg@hops.ag.utk.edu
Subject: Re: Ftp-WG: Comments on FTP Security Extensions draft
Precedence: bulk

          I know that this document is out for last call so I hope my 
          comments are not too late. I'm packing to leave for a week 
          long meeting but wanted to get this out before I left. 
          
          1. The new command defined for FTP in this document will 
          need to be supported by the FEAT command (currently defined 
          in draft-ietf-ftpext-mlst-00.txt). I guess given that this 
          draft will progress to RFC status before the MLST draft that 
          the definitions for these commands to a FEAT response will 
          have to be done in the MLST or another document.
          
          Are there standard formats to define the security mechanisms 
          associated with a AUTH command?
          
          2. Does the priori knowledge of a small set of commands 
          (containing few characters) lend to breaking the algorithm 
          associated with a security mechanism and thus possibly give 
          a false sense of security? For example I can assume that FTP 
          will be sending CWD over the control connection during the 
          session.
          I recognize that anything is better than sending commands in 
          the clear.
          
          3. Will these commands be mandatory for all clients and 
          servers?
          
          4. I don't think the draft is clear on the use of CCC, MIC, 
          CONF, and ENC commands. That is do I default to CCC even 
          though I may have negotiated a level of confidentiality or 
          are they automatically set? 
          
          5. Reference to Section 9 on page 6 should be Section 10.
          
          6. The paragraph in the CCC command section starting "If 
          unprotected commands are ..." seems out of place. This seems 
          more of an introductory paragraph. I would suggest that the 
          commands be broken into 3 sections:
          
          3.1 Security Identification and Negotiation
          3.2 Data Port Security
          3.3 Command Port Security.
          
          
          
          7. Are these two paragraphs from page 8 the same?
          
           "If the server has not completed a protection buffer size 
          negotiation with the client, it should respond with a 503 
          reply code."
          
           "The PROT command will be rejected and the server should 
          reply 503 if no previous PBSZ command was issued."
          
                                bill

v2.23.0 | Report a Bug | By Email