On 14 September 2010 16:47, Dave Roberts <[email protected]>wrote:
> > Given that you want to impose the use of SSL, can you not make use > of the implicit SSL option on a single listener instance? As far as > I know, most clients that support SSL, support both implicit and > explicit modes. > I see implicit SSL as a backward compatibility hack. HTTPS notwithstanding, the IETF has been opposed to implicit SSL (not just in FTP) for as long as I can remember. RFC4217 has been official for 5 years, does not cover implicit SSL, and should be viewed as *the* way FTP/TLS should work. Also, I have a customer-driven need. They're currently using implicit SSL, want to move to explicit, and we have to protect them from accidentally using an unsecured channel. -- "There is no way to peace; peace is the way"
