> -----Original Message-----
> From: IBM Mainframe Discussion List On Behalf Of Hal Merritt
>
> I have to ask: why you care? You can control FTP's behavior
> in FTPSDATA and FTPCDATA respectively.
We perceive a need to be able to accommodate both secure and unsecure
FTP without having to specify which in the FTP command stream. Since
the IETF (or successor) has designated port 990 as the "well-known port"
for secure FTP, we'd like to use it for that purpose while retaining
port 21 for unsecure (or "optionally secure") FTP.
> I also am curious about your reference to 'implicit' secure
> FTP. FTP negotiates the session security starting from in the
> clear to the maximum supported by both sites. You can set a
> floor above in the clear if you want.
"Implicit" is the term used in the IBM doc. Perhaps "automatic" secure
FTP is more meaningful; i.e., "on this port, ONLY secure FTP is
handled". Similar to the SECUREPORT parm for telnet.
> Lastly, using a specific port for much of anything but an
> initial handshake is not something I think you'd want to do
> except on PC's.
> Since the resultant port pair for FTP is going to be random,
> why do we care where it starts?
"You gotta start somewhere", and port 990 is (was) the "well-known port"
for starting secure FTP; as port 21 is the "well-known port" for
starting "regular" FTP.
Note that the "well-known port" in either case is for the "control"
connection; the "data" connection is "randomly" assigned in either case.
-jc-
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
