17 Dec
2003
17 Dec
'03
11:17 p.m.
Since the command channel is flat ascii, one could extend the protocol with a pgp-password command, which would send the password encrypted in the server's public key. Similarly one could use the sort of convention that the wu-ftpd does to request encrypted files... simply request file.pgp, just like you request file.z, file.gz, etc.
There is an Internet draft (draft-ietf-cat-ftpsec-03.txt) on ftp encription and authentication extensions. I dont recall if it includes a public key method, but if not it would probably be easy to incorporate. brad