This whole discussion makes me sad. What xtalk did for programming (in the era of applications) has not been done for the network (in the era of distributed logic and content). So we build applications... Lumbering dinosaurs we are. Sad. In both cases, it is the paradigm that is wrong, yet it is the user who suffers. It was easy enough to create a fix, a hack, to make application development accessible to the masses. But doing that for the network would be a herculean project. Reason? Humans still do for the net what what has been offloaded to compilers to do for apps.
-----Original Message----- From: "Bernard Devlin" <[EMAIL PROTECTED]> To: "How to use Revolution" <use-revolution@lists.runrev.com> Sent: 9/3/2008 5:29 AM Subject: Re: secure FTP Securing FTP looks like it is going to be complex. I searched the archive using Nabble and came up with this discussion from 2 years back: http://www.nabble.com/FTP-with-SSL-TLS-to5932257.html#a5935689 Now, since both Dave Cragg and Dar Scott were involved (and both know more about networking and security than I will probably ever know), it doesn't look like there is any simple solution. In fact, I would think that Dar's suggestion is probably not going to work with and would require you to bundle addtional software with your app. (From http://www.stunnel.org/faq/troubleshooting.html#ToC18 - stunnel is an ssl wrapper, placed round calls to local ports and forwards them securely to a remote port:) >> FTP over Stunnel won't work I just can't get ftp to work over Stunnel no matter how hard I try. *Answer*: Stunnel cannot be used for the FTP daemon because of the nature of the FTP protocol which utilizes multiple ports for data transfers. There are SSL aware FTP servers available. Alternitively you could use a different protocol. All versions of SSH include a program called scp which works like rcp. Recent versions of OpenSSH include a program called sftp which has an ftp-like feel. << It looks to me like the options are: a) using a SSL compatible ftp server, then getting SSL to work with that (unless there is some reason why Rev's SSL implementation wouldn't work with that, but I doubt it since SSL applies at the socket level). This would only work with some servers, but at least it would be a Rev-only solution (but requires an enterprise license to get SSL). On the linux side it looks like the major ftp servers (vsftpd, proftpd) support ssl. Of course, if you are not in charge of the server, then you probably have no control over which server is used or over whether or not ssl is enabled. b) switching to using https and posting your data to a webserver. Requires you to change how you handle stuff on the server, and would also have security implications (you don't want people to be able to post files that would replace e.g. .htaccess), but would also be a Rev-only solution c) using an external program with your app (e.g. scp, sftp, curl), and bundling the executable/libraries if necessary (i.e. they won't be available with Windows by default - by default Vista even disables the telnet client!). The server would obviously have to have compatible server processes running with appropriate login permissions, and attendant security issues (i.e. there is going to be a username capable of logging into a shell on that server, and that will need additional consideration). d) look into using webdav over https. Again may require server side changes, and also has security issues as with b). Bernard On Wed, Sep 3, 2008 at 9:46 AM, Jim Sims <[EMAIL PROTECTED]> wrote: > > I am looking for a way to upload files onto a server > that is secure. I do not want my potential client > to say "Hey! That will send passwords in the clear!!" > > I am looking for a method, using Rev, that can be implemented > on OS X and Windows. > > sims > > > _______________________________________________ > use-revolution mailing list > use-revolution@lists.runrev.com > Please visit this url to subscribe, unsubscribe and manage your > subscription preferences: > http://lists.runrev.com/mailman/listinfo/use-revolution > _______________________________________________ use-revolution mailing list use-revolution@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-revolution _______________________________________________ use-revolution mailing list use-revolution@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-revolution