On 2016-03-10, at 09:30, R.S. wrote: > (Disclaimer: maybe it was answered but I missed it.) > > Question: WHY? > > Why IBM switch off unencrypted ftp support? > Yes, it is unsafe in some sense, but all the risk is on customer site, not > IBM! > It would be up to customer to use unsafe method and customer assesment > whether the risk is acceptable for him. > Not to mention checksum functions can further reduce the risk. > I imagine two concerns:
o Theft of intellectual property in transit, or even merely traffic analysis. Encryption can mitigate. o Malware intrusion. To prevent that, a checksum transmitted over a separate secure channel should suffice. This reminds me that I once wished here that I could set the default Delete behavior to "No confirmation", the behavior when I first used (I)SPF. There were stern replies about the risks of that mode. "It [sh]ould be up to the customer..." -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
