RFC 2228 (rfc2228) - Page 1 of 27
FTP Security Extensions
Alternative Format: Original Text Document
Network Working Group M. Horowitz
Request for Comments: 2228 Cygnus Solutions
Updates: 959 S. Lunt
Category: Standards Track Bellcore
October 1997
FTP Security Extensions
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1997). All Rights Reserved.
Abstract
This document defines extensions to the FTP specification STD 9, RFC
959, "FILE TRANSFER PROTOCOL (FTP)" (October 1985). These extensions
provide strong authentication, integrity, and confidentiality on both
the control and data channels with the introduction of new optional
commands, replies, and file transfer encodings.
The following new optional commands are introduced in this
specification:
AUTH (Authentication/Security Mechanism),
ADAT (Authentication/Security Data),
PROT (Data Channel Protection Level),
PBSZ (Protection Buffer Size),
CCC (Clear Command Channel),
MIC (Integrity Protected Command),
CONF (Confidentiality Protected Command), and
ENC (Privacy Protected Command).
A new class of reply types (6yz) is also introduced for protected
replies.
None of the above commands are required to be implemented, but
interdependencies exist. These dependencies are documented with the
commands.
Note that this specification is compatible with STD 9, RFC 959.
Horowitz & Lunt Standards Track