RFC - 2228

FTP Security Extensions

Original:	ftp://ftp.isi.edu/in-notes/rfc2228.txt
Authors:	M. Horowitz [Cygnus Solutions], S. Lunt [Bellcore]
Date:	October 1997
Category:	Proposed Standard

---

Updates:
RFC-959std9 [STD 9]	File Transfer Protocol (Updated by RFC-2228prop, RFC-3659prop, RFC-2640prop, RFC-2773exp)

Referred by:	20 RFC
Refers to:	3 RFC

---

Status

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1997). All Rights Reserved.

Abstract

This document defines extensions to the FTP specification STD 9, RFC 959^std9, "FILE TRANSFER PROTOCOL (FTP)" (October 1985). These extensions provide strong authentication, integrity, and confidentiality on both the control and data channels with the introduction of new optional commands, replies, and file transfer encodings.

The following new optional commands are introduced in this specification:

      AUTH (Authentication/Security Mechanism),
      ADAT (Authentication/Security Data),
      PROT (Data Channel Protection Level),
      PBSZ (Protection Buffer Size),
      CCC (Clear Command Channel),
      MIC (Integrity Protected Command),
      CONF (Confidentiality Protected Command), and
      ENC (Privacy Protected Command).

A new class of reply types (6yz) is also introduced for protected replies.

None of the above commands are required to be implemented, but interdependencies exist. These dependencies are documented with the commands.

Note that this specification is compatible with STD 9, RFC 959^std9.

---