dinah@shell.UUCP (Dinah Anderson) (06/06/89)
There is some concern here about the fact that ftp passes the account
name and password in clear ASCII text and anyone with a PC and/or
LANalyzer of time type can capture this information.
One proposal has been to implement a public key encryption scheme
that would require modification of ftp on all systems involved to
support. I have some concerns with this which include:
1) My understanding is that the ftp RFC specifies that the userid/password
is passed in clear text. This implementation would violate the RFC.
2) We would loose our interoperability and flexibility to go with different
UNIX platforms. (All platforms would have to have this ftp change in
order to interoperate.)
3) PC's and LANalyzers will still be able to capture and replay packets.
(even if the public passwords have expiration dates, they probably
won't be long enough to prevent this.)
4) This scheme would probably work ok on "standalones" like VMS vaxen and
mainframes, but in a distributed networking environment, I think such
a solution MUST support yellow pages (or equivalent mechanisms.) I would
also want it to be transparent to the user.
My questions to you all are:
1) How are other sites handling this (ignoring physically security of
the network itself - which I realize is key to having a secure network.)?
2) How does a third party authentication scheme interoperate with "non-players".
In other words, if we decided to implement kerberos on our unix workstations,
can we provide some level of security to our non-unix systems in terms
of protecting the information (userid/passwords) on the non-unix systems.
Thanks in advance!
Dinah Anderson
Shell Oil Company, Information Center (713) 795-3287
..!{sun,psuvax,bcm,rice}!shell!dinahtoddpw@tybalt.caltech.edu (Todd P. Whitesel) (06/08/89)
Why not implement it as a telnet option (UNIX-PASSWORD or something similar)? todd whitesel toddpw @ deimos.caltech.edu toddpw @ caltech.bitnet