Dave Gibney wrote: >Really, what is the security risk of FTPS? I know it >seems to be increasingly considered a problem, but why?
FTPS (FTP over TLS) is quite good when properly implemented, with both the command and data channels secured. The common, classic criticism is that FTP requires a little more effort to set up correctly in classic firewalls, and FTPS is much the same in that respect. Ideally the various Web browsers would maintain (or add if they don't have it already) support for FTPS provided both the command and data channels are encrypted. They could still drop support for unencrypted FTP. However, FTPS isn't as widely implemented as SFTP, and the various browser vendors don't seem to support SFTP either. I haven't even found current browser extensions or add-ons that implement these file transfer protocols. I think you'll have to pick a file transfer tool for this particular task. IBM should have good coverage for obtaining files via HTTPS, but if you see something missing then please let IBM know through official channels. - - - - - - - - - - Timothy Sipples I.T. Architect Executive Digital Asset & Other Industry Solutions IBM Z & LinuxONE - - - - - - - - - - E-Mail: [email protected] ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
