Securing FTP with TLS (RFC4217)

IP.com Disclosure Number: IPCOM000130598D
Original Publication Date: 2005-Oct-01
Included in the Prior Art Database: 2005-Oct-29
Document File: 30 page(s) / 61K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

P. Ford-Hutchinson: AUTHOR

Abstract

This document describes a mechanism that can be used by FTP clients and servers to implement security and authentication using the TLS protocol defined by RFC 2246, "The TLS Protocol Version 1.0.", and the extensions to the FTP protocol defined by RFC 2228, "FTP Security Extensions". It describes the subset of the extensions that are required and the parameters to be used, discusses some of the policy issues that clients and servers will need to take, considers some of the implications of those policies, and discusses some expected behaviours of implementations to allow interoperation. This document is intended to provide TLS support for FTP in a similar way to that provided for SMTP in RFC 2487, "SMTP Service Extension for Secure SMTP over Transport Layer Security", and HTTP in RFC 2817, "Upgrading to TLS Within HTTP/1.1.".

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 5% of the total text.

Network Working Group                                 P. Ford-Hutchinson
Request for Comments: 4217                                    IBM UK Ltd
Category: Standards Track                                   October 2005


                         Securing FTP with TLS

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This specification is in accordance with RFC 959, "File Transfer
   Protocol".  It relies on RFC 2246, "The TLS Protocol Version 1.0.",
   and RFC 2228, "FTP Security Extensions".

Ford-Hutchinson             Standards Track                     [Page 1]
RFC 4217                 Securing FTP with TLS              October 2005


Table of Contents

   1. Introduction
   2. Audience
   3. Overview
   4. Session Negotiation on the Control Port
      4.1. Client Wants a Secured Session
      4.2. Server Wants a Secured Session
   5. Clearing the Control Port
   6. Response to the FEAT Command
   7. Data Connection Behaviour
   8. Mechanisms for the AUTH Command
   9. Data Connection Security