http://www-01.ibm.com/support/docview.wss?uid=nas16bd9a4c1d97a1ede862574790072289c
The FTP protocol definition provides at least two distinct mechanisms by which this sequence is initiated: explicit (active) and implicit (passive) security.
Explicit Security : In order to establish the SSL link, explicit security requires that the FTP client issue a specific command to the FTP server after establishing a connection. The default FTP server port is used. This formal method is documented in RFC 2228.
Implicit Security: Implicit security automatically begins with an SSL connection as soon as the FTP client connects to an FTP server. In implicit security, the FTP server defines a specific port for the client (990) to be used for secure connections.
Because implicit SSL has a dedicated port strictly used for secure connections, implicit SSL connections require less overhead when you establish the session. There are various FTP servers that support this mode, including GlobalSCAPE Secure FTP Server, RaidenFTPD, IBackup’s FTP server, and others.
You can think of implicit security as always on and explicit security as turn on . The following diagram contrasts implicit and explicit SSL connections:
'Security > Common' 카테고리의 다른 글
| SASL(Simple Authentication and Security Layer) (0) | 2012.03.02 |
|---|---|
| XSS(Cross-Site Scripting) (0) | 2012.02.29 |
| CISSP에서 도구 (0) | 2011.11.10 |
| 암호학(Cryptography) 의 모든 것 (0) | 2011.10.06 |
| API Gateway 사례로 본 HMAC 인증 이해 (0) | 2011.10.01 |
