Hi, and thanks! Even though "double login" (or other FTP-level proxy type) over TLS/SSL would be technically possible, we decided not to allow this for several reasons:
1) We have not encountered such proxy yet. If we allowed it, we would be unsure whether it actually works.
2) TLS/SSL is supposed to provide confidentiality and data integrity. It is used when data needs to be protected from disclosure to unintended parties along the way, and if used correctly, it ensures that only the intended recipient (the FTP client or FTP server in this case) can read the data. This is not the case when using a proxy at FTP protocol level such as "double login" over TLS/SSL. In that scenario, the proxy would still be able to see and modify the FTP communication including user credentials. The mode of its operation would essentially be equivalent to man-in-the-middle attack (with the proxy in the middle). I'm sure there might be valid use cases for that, but it goes against the purpose of TLS/SSL, introduces another attack vector (compromising the proxy compromises all the clients) and leaves the FTP client in the dark about how (or whether at all) the proxy actually secures the data transferred between itself and the actual FTP server.
3) When "double login" FTP proxy with SSL is really needed, Rebex FTP/SSL can already use it - just connect to the proxy and call the
Login method twice:
Dim client As New Ftp
client.Connect(proxyHostName, proxyPort, SslMode.Explicit) ' or SslMode.Implicit
client.Login(proxyUserName & "@" & ftpHostName & ":" & ftpPort, proxyPassword)