[Info-vax] FTP/SSL from OpenVMS (client) to Unix Filezilla (server) failure
Jose Baars
peutbaars at gmail.com
Wed Aug 8 17:55:09 EDT 2012
Op woensdag 8 augustus 2012 15:28:38 UTC+2 schreef Stephen Hoffman het volgende:
>
> And yes, you could reasonably infer I'm not fond of ftp.
>
:-). In FTP's defense, most browsers, and curl too, automatically use passive mode to do FTP, getting rid of the server opening a random port.
But why we have FTPS, FTP over SSL (also loosely called FTPS) and more than 2 ways to tell how and what to encrypt is really beyond me.
SSH and SFTP implement an application protocol on top of TCP/IP. That has at least three disadvantages:
To prevent setup of SSH tunnels a company needs expensive protocol sniffing
firewalls :-). The SFTP (or really the SSH) RFC's are extensive and open to (wrong) interpretation, as abundantly demonstrated by dozens of servers and clients, and file transfer performance is sometimes not even half of an HTTPS (to avoid the dreaded F word) download or upload, which can be comparably secure. That also is the disadvantage of HTTPS: it can be made much more
insecure.
I don't think I will see something easy, secure and generally accepted in my lifetime.
More information about the Info-vax
mailing list