-----Original Message-----
From: Michael Sierchio <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Friday, June 16, 2000 10:14 AM
Subject: Re: FTP & SSL
>Arun Venkataraman wrote:
>>
>> This is an old gripe :( Ppl don't seem to have attempted seriously to use
>> SSL over something else other than http.
>
>Huh-wah? You have it backwards (HTTP over SSL). And there are
Oops! you are right.
>plenty of examples of LDAP, POP, SMTP and other protocols over
>SSL. FTP is inherently problematic (except if restricted to
>passive mode) because of the way connections are made -- SSL, itself
>running atop TCP, isn't really suitable for this.
>
>IPSec, SKIP, and other attempts to secure information at the
>packet level, are probably much better.
I wasn't aware of these technical difficulties. When I went over to
ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps it seemed like people had
successfully patched wu-ftpd, an ftp client and a telnet client to work with
SSL. However, all the patches etc. seemed out of date and meant for SSL-eay.
This made me wonder if it was simply a problem of updating those patches for
openssl.
Arun.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]