From owner-freebsd-arch Thu Mar 15 10:45:18 2001 Delivered-To: freebsd-arch@freebsd.org Received: from ns.yogotech.com (ns.yogotech.com [206.127.123.66]) by hub.freebsd.org (Postfix) with ESMTP id 81F4D37B719 for ; Thu, 15 Mar 2001 10:45:15 -0800 (PST) (envelope-from nate@yogotech.com) Received: from nomad.yogotech.com (nomad.yogotech.com [206.127.123.131]) by ns.yogotech.com (8.9.3/8.9.3) with ESMTP id LAA09885; Thu, 15 Mar 2001 11:45:11 -0700 (MST) (envelope-from nate@nomad.yogotech.com) Received: (from nate@localhost) by nomad.yogotech.com (8.8.8/8.8.8) id LAA05477; Thu, 15 Mar 2001 11:45:10 -0700 (MST) (envelope-from nate) From: Nate Williams MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15025.3509.496206.784802@nomad.yogotech.com> Date: Thu, 15 Mar 2001 11:45:09 -0700 (MST) To: freebsd-arch@FreeBSD.ORG Cc: Brooks Davis Subject: Re: [PATCH] add a SITE MD5 command to ftpd In-Reply-To: <20010314185026.C7683@dragon.nuxi.com> References: <20010314084651.A23104@ringworld.oblivion.bg> <200103142342.QAA09233@usr08.primenet.com> <20010314161555.A4984@Odin.AC.HMC.Edu> <20010314185026.C7683@dragon.nuxi.com> X-Mailer: VM 6.75 under 21.1 (patch 12) "Channel Islands" XEmacs Lucid Reply-To: nate@yogotech.com (Nate Williams) Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > I'm frankly, completly mystified by the various comments about this not > > being a security feature. Of course it's not. That's blindly obvious. > > I disagree it is blindly obvious. It wasn't to some I've talked to. > We've ended up associating a "security nature" to MD5. Thus when people > see that name, they make assumptions. > > > That's not the point. As long as it's an option I frankly don't see how > > it could possibly hurt things and I can't see any good reason why a > > reasonably implementation wouldn't spread if people started using > > clients that could take advantage of it. > > How?? are clients going to take advantage of it? For the majority of FTP > clients want to fetch the file, so why ask for an MD5 of it? To see if the file that they are looking for exists on the server? As someone pointed out already, the server may have an 'older' file, so there's no sense in downloading it unless the MD5's match. > Are you > thinking about checking the xfer was OK? That's the only use I can think > of. The other uses people have mentioned are very, very specific to a > single task done by the FreeBSD Project. The xfer would have been OK if the MD5 matched what the port listed. But, it would save a download. (A good example of files that never change their name are the named files). Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message