Securing Control and Data Channels

The reader may be aware that FTP operates with two types of channels: control and data. Only one control-channel is used in each session, but several data-channels may be used - one for each data transfer. The AUTH command only secures the control-channel. Data- channels are not secured until PBSZ and PROT commands are issued. These commands tell the server whether or not subsequent data-channels should be secure.

A basic assumption of RFC2228 is that a client should be allowed to connect to a server in normal plain text mode and then be able to switch to a secure protocol upon request. This switch is done when the client issues an AUTH command at which time the client and the server negotiate a secure connection. After the switch, all FTP commands are encrypted, but importantly, data is not encrypted unless further commands are provided.

Ford-Hutchinson takes a major departure from the RFC when securing the data-channel, but that is largely beyond the scope of this document.

Next: FTPS Commands