On Fri, Nov 10, 2000 at 11:10:01PM -0800, brian moore wrote: > > Blame the US Gov't for their crappy crypto policy stifling crypto > development for years. Blame them for the RSA patent for holding it up > some more. Blame RSA for many years of claiming to own any and all PK > crypto, whether it had any relation to RSA and DH or not. Blaming the > ISP because they haven't written a secure replacement for FTP (and the > attendant server and clients) that doesn't add new security problems > seems really stupid. agreed, however, US only restricts export, that leaves Canada and virtually everywhere else in the world free to develop crypto. the RSA patent is now expired. so what i am wondering, is there now a project somewhere (Canada, the Netherlands etc) to build a secure ftp replacement that is more in line with how ftp works (no need for a shell, chrooted, etc). there is very little barriers now to building a replacement it just needs to be done. (and of course win* and macos clients have to be written/fixed to work with it) really i don't think it should be that hard to modify the current OpenSSH just a bit to do chroot() in a simpler and cleaner way, and instead of running a shell run the sftpserv utility, the various gnome graphical ftp clients support this very nicely, you can't even tell its scp and not ftp. the only problem with this solution is it prevents users from changing there passwd in the usual way (shell set to /usr/bin/passwd) -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpuLJuCsQ1jb.pgp
Description: PGP signature