From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: Date: Sun, 3 Apr 2005 08:47:27 -0500 From: Russ Cox To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu> Subject: Re: [9fans] Secure ftp Again In-Reply-To: <20050403134016.GP92880@smp500.sitetronics.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit References: <20050403134016.GP92880@smp500.sitetronics.com> Topicbox-Message-UUID: 31f9100a-ead0-11e9-9d60-3106f5b1d025 > > changing dial? no. writing a tlsdial? > > maybe, but it doesn't happen very often. > > what's more common is that you connect, > > talk plaintext for a little while, and then decide > > to start tls. i don't think there are enough > > instances yet to know what the common case is. > > > > russ > > It seems to be pretty standard protocol to me. Exchange, verify, > encrypt. The original IETF draft is at i was talking about tls, not the ftp tls. i agree that the tls ftp looks standard, but i don't know of any ftp servers that actually implement it (or why they would!) so i have nothing to test against. i also don't understand how much auth is supposed to happen before you start tls. it's all a little weird. > and every current popular FTP client implements it, so there > should be plenty of source with a friendly license out there. i'm not worried about this either. it's only a couple of lines of code. no need to copy someone else. russ