FlashFXP Forums - View Single Post - version 1.x authentication? certificate based?

ganymede · 07-16-2005, 03:48 PM

see i just think that with things like a usb stick... you leave it on your desk the guy can steal your info or whatever - its a matter of stealing the cert, with an IP address it really limits a person to one pc... i find this really disapointing - blocking users by IP address is critical... some FTP owners only want their users to login from specific locations. The certificate should replace the encryption format, and not IP blocking they kind of have different functions....

i agree with tuff stealing a cert.... much easier than impersonating an IP - a lot of ftp owners are not going to like this - this is kind of taking ioFTPD off the top of the list for FTPDs, guess we will see what everyone else thinks.

an idea though : i know you can store a whole bunch of information in those certs why not put a specific ip in there.... , not perfect but just a thought.

07-16-2005, 03:48 PM
ganymede Member Join Date: Dec 2004 Posts: 46	see i just think that with things like a usb stick... you leave it on your desk the guy can steal your info or whatever - its a matter of stealing the cert, with an IP address it really limits a person to one pc... i find this really disapointing - blocking users by IP address is critical... some FTP owners only want their users to login from specific locations. The certificate should replace the encryption format, and not IP blocking they kind of have different functions.... i agree with tuff stealing a cert.... much easier than impersonating an IP - a lot of ftp owners are not going to like this - this is kind of taking ioFTPD off the top of the list for FTPDs, guess we will see what everyone else thinks. an idea though : i know you can store a whole bunch of information in those certs why not put a specific ip in there.... , not perfect but just a thought.