Talk:FTPS

From Wikipedia, the free encyclopedia

What is the reasoning given for preferring explicit SSL?

See [1]

"you are trying to deploy a secure FTP client or server, you may get badly bitten by a poorly designed or configured Firewall"

- its not that the firewall is poorly designed or configured, it simply cannot decrypt the control channel in order to determine what ports to dynamically open in order to allow the application to work.

- yes it can be a poor firewall: It could drop a session on port 21 if it thinks it doesn't 'look' like FTP (some do). It could drop a session on port 21 if it is inactive for a period of time, because the data is being transferred on another socket pair (some do). It could decide that it 'knows' all the FTP commands and refuse to pass on the AUTH request (some do). Notwithstanding the concept that a network level device (a firewall) starts looking in application data streams and making bizarre decisions about dynamic port restrictions is just plain broken - That's the job of an Application Layer Gateway.

[edit] Combine, Combine, Combine

This article and SFTP (SSH Over FTP) article should all be combined into FTP article.12.110.196.19 18:39, 3 April 2006 (UTC)

-- FTPS is a completely different animal than FTP.

No no no, FTPS is FTP with SSL in the same manner HTTPS is HTTP with SSL. Do not confuse FTPS with SFTP which is the FTP-look-alike that is file transfers over the SSH protocol.