dinah@shell.UUCP (Dinah Anderson) (06/06/89)
There is some concern here about the fact that ftp passes the account name and password in clear ASCII text and anyone with a PC and/or LANalyzer of time type can capture this information. One proposal has been to implement a public key encryption scheme that would require modification of ftp on all systems involved to support. I have some concerns with this which include: 1) My understanding is that the ftp RFC specifies that the userid/password is passed in clear text. This implementation would violate the RFC. 2) We would loose our interoperability and flexibility to go with different UNIX platforms. (All platforms would have to have this ftp change in order to interoperate.) 3) PC's and LANalyzers will still be able to capture and replay packets. (even if the public passwords have expiration dates, they probably won't be long enough to prevent this.) 4) This scheme would probably work ok on "standalones" like VMS vaxen and mainframes, but in a distributed networking environment, I think such a solution MUST support yellow pages (or equivalent mechanisms.) I would also want it to be transparent to the user. My questions to you all are: 1) How are other sites handling this (ignoring physically security of the network itself - which I realize is key to having a secure network.)? 2) How does a third party authentication scheme interoperate with "non-players". In other words, if we decided to implement kerberos on our unix workstations, can we provide some level of security to our non-unix systems in terms of protecting the information (userid/passwords) on the non-unix systems. Thanks in advance! Dinah Anderson Shell Oil Company, Information Center (713) 795-3287 ..!{sun,psuvax,bcm,rice}!shell!dinah
toddpw@tybalt.caltech.edu (Todd P. Whitesel) (06/08/89)
Why not implement it as a telnet option (UNIX-PASSWORD or something similar)? todd whitesel toddpw @ deimos.caltech.edu toddpw @ caltech.bitnet