Standards

From Wzdftpd

This page lists the RFCs (Request For Comments) used to implement wzdftpd.

RFC Summaries

• RFC 959 File Transfer Protocol (FTP)

The base specification of the current File Transfer Protocol.

• RFC 1123 Requirements for Internet Hosts -- Application and Support

Section 4.1, pp. 29-43, is devoted to FTP. Extends and clarifies some aspects of RFC 959. Introduces new response codes 554 and 555.

• RFC 1579 Firewall-Friendly FTP INFORMATIONAL

Suggests a new APSV command and 151 response code.

• RFC 1635 How to Use Anonymous FTP INFORMATIONAL

Provides introductory information for the novice Internet user about using the File Transfer Protocol (FTP).

• RFC 1639 FTP Operation Over Big Address Records (FOOBAR) EXPERIMENTAL

Defines new LPRT and LPSV commands and response codes 228 and 521.

• RFC 2228 FTP Security Extensions (FTPSECEXT)

Specifies several security extensions to the base FTP protocol defined in RFC 959. New commands: AUTH, ADAT, PROT, PBSZ, CCC, MIC, CONF, and ENC. New response codes: 232, 234, 235, 334, 335, 336, 431, 533, 534, 535, 536, 537, 631, 632, and 633.

• RFC 2389 Feature negotiation mechanism for the File Transfer Protocol (FTP-FNEGO)

Defines mechanisms for FTP client programs to obtain lists of features and options supported by FTP servers. Introduces the new FEAT and OPTS commands.

• RFC 2428 FTP Extensions for IPv6 and NATs

Introduces the new commands EPRT and EPSV, and the new response codes 522 and 229.

• RFC 2577 FTP Security Considerations

Provides several configuration and implementation suggestions to mitigate some security concerns, including limiting failed password attempts and third-party "proxy FTP" transfers, which can be used in "bounce attacks" (CERT97:27).

• RFC 2640 Internationalization of the File Transfer Protocol

Extends the FTP protocol to support multiple character sets, in addition to the original 7-bit ASCII. Introduces the new LANG command.

• RFC 2773 Encryption using KEA and SKIPJACK EXPERIMENTAL

Defines a RFC 2228 "FTP Security Extensions" method, which uses the Key Exchange Algorithm (KEA) for mutual authentication and encryption key exchange, and uses SKIPJACK to encrypt both FTP data and control channels.

• RFC 4217 Securing FTP with TLS

Describes a mechanism for secure authentication based on SSL/TLS (RFC 2246) and the FTP Security Extensions (RFC 2228), modeled after TLS for SMTP (RFC 2487). Uses response code 522 (originally introduced in RFC 2428).

Draft Summaries

• Extensions to FTP

Several protocol extensions are defined or documented. The new MLST and MLSD commands are defined to provide standardized file and directory list formats. A "trivial" virtual file store (TVFS) is specified. 8-bit characters with UTF-8 encoding. The REST (Restart) command is extended to STREAM mode transfers, and the commonly implemented MDTM (Mod Time) and size commands are documented. Earlier revisions of this draft included a HOST command, which allowed HTTP style name-based virtual servers. However, this feature was deleted in the 09 revision of the draft.