On 5/12/10 9:38 AM, Joe Abley wrote:
On 2010-05-12, at 12:32, Paul Hoffman wrote:
The use of FTP dwarfs the use of SFTP by at least two orders of magnitude.
Sure.
To paraphrase my comment (or at least re-state it in a clearer way) from a protocol perspective, setting aside deficiencies in particular implementations, it seems more apropos to convey the message that FTP is inadequate in various ways, and to point towards some alternatives, than to imply (through the appearance of protocol maintenance) that FTP is alive and well and a good choice of protocol for new applications.
Agreed. Use of plain-text authentication, even with a pretext of
restricting directory views, lacks merit. Most operating systems
enforce directory access without dependence upon the access application.
Suggestions, that in effect recommends FTP to maintain security,
would be misleading especially with many outstanding exploits still
found in clients and browsers.
-Doug
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf