IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: UTF8 in SFTP (was: solving the SFTP text mode issue)
At 02:50 PM 5/14/2002, Wei Dai wrote:
On Tue, May 14, 2002 at 04:25:44PM -0400, Bill Sommerfeld wrote:
> > I'm still at a loss as to why SSH FTP wasn't simply FTP wrapped in
> > SSH.
>
> for the record, the working group chair (me) is *still* at a loss to
> understand why there seems to be so much of a desire to reinvent the
> wheel here.
I can think of a few reasons:
1. SFTP is very easy to understand and implement, once you've implemented
SSH.
2. FTP's seperate control and data channels are an annoyance in the
context of SSH.
3. Historically FTP implementations have been vulnerable
to various attacks. SFTP implementations have not been.
4. SFTP server typically runs under the user's account instead of root.
5. SFTP can be used as a basic network file system, again lightweight and
secure compared to existing solutions.
Unless people foresee more problems beyond the current one (i.e. text
transfer mode) with SFTP, why not finish it up?
I agree. The issue here is, as I see it, one that regardless of the original
intent of what SFTP was supposed to be, the fact of the matter is, customers
in the real world are using it in a uniform way: as a secure replacement for
ftp. And that's the bottom line. Once it's in production, it's DARNED hard
to make somebody change. No, it doesn't have to do everything ftp does; but
on the other hand, given what real-world users are using it for, it's
inevitable that it gets finished with the stuff we've been discussing.
I think Wei put it very well.
------
+-------------------------------+---------------------------------------+
| Dan O'Reilly | |
| Principal Engineer | "Why should I care about posterity? |
| Process Software | What's posterity ever done for me?" |
| http://www.process.com | -- Groucho Marx |
+-------------------------------+---------------------------------------+
Home |
Main Index |
Thread Index |
Old Index