Learning about SSL

When you use CuteFTP to connect securely to a server that supports SSL or TLS (SSL v3), the two computers pass a sequence of commands to create a secure connection. The FTP protocol definition provides at least two distinct mechanisms by which this sequence is initiated: Explicit (active) and Implicit (passive) security.

Explicit Security - Explicit security requires that the FTP client issue a specific command to the FTP server after establishing a connection to establish the SSL link. The default FTP server port is used. This formal method is documented in RFC 2228.

Implicit Security - Implicit security is a mechanism by which security is automatically turned on as soon as the FTP client makes a connection to an FTP server. In this case, the FTP server defines a specific port for the client (990) to be used for secure connections.

Implicit SSL is discussed in various SSL drafts, but not formally adopted in an RFC. For strict compliance to standards, use the explicit method. Implicit SSL adds benefits in the form of a dedicated port strictly used for secure connections, requiring fewer overheads in establishing the session. There are various FTP servers that support this mode, including GlobalSCAPE's Secure FTP Server. For more on SSL Connection Mechanisms, see Troubleshooting SSL Connections.

SSL Sessions

The diagram below shows a SSL session using explicit security. In this picture, the two computers communicate over an Internet connection. Time is represented vertically; the first communication at the top of the time line is from the Client to the Server, and subsequent communications proceed chronologically down the time line. The breaks in the time line represent the passage of time.

EXPLICIT SSL CONNECTION

CuteFTP adheres to Internet standards for secure transfer of files over the FTP protocol. Specifically, CuteFTP implements the FTP extensions documented in RFC 2228. Any FTP Server that also implements these extensions will work with CuteFTP in order to ensure the encryption of your sensitive data.

GlobalSCAPE Secure FTP Servers and Enhanced File Transfer Servers are also capable of Implicit SSL sessions over a dedicated port. See the Secure FTP Server User's Guide and Enhanced File Transfer Server User's Guide for more information on configuring a secure session to a GlobalSCAPE Secure Server.

This online help file is for CuteFTP v8. For other versions, please refer to http://help.globalscape.com/help/.

(If the Index and Contents are hidden, click Show on the tool bar.)

If this help topic did not help you, search the Knowledgebase.
For the most up-to-date information, to view version history, updates, and activation instructions; or to download a PDF of this user guide, visit the Support Center at http://www.globalscape.com/support.

Last modified: 2018-07-16 at 9:55:51