FTP Extensions for Cryptographic Hashes (draft-bryan-ftp-hash)

Anthony Bryan <anthonybryan@gmail.com> Wed, 24 March 2010 21:30 UTC

Return-Path: <anthonybryan@gmail.com>
X-Original-To: apps-discuss@core3.amsl.com
Delivered-To: apps-discuss@core3.amsl.com
Received: from localhost (localhost []) by core3.amsl.com (Postfix) with ESMTP id 524573A6B4C for <apps-discuss@core3.amsl.com>; Wed, 24 Mar 2010 14:30:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.431
X-Spam-Level: *
X-Spam-Status: No, score=1.431 tagged_above=-999 required=5 tests=[BAYES_50=0.001, DNS_FROM_OPENWHOIS=1.13, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([]) by localhost (core3.amsl.com []) (amavisd-new, port 10024) with ESMTP id Rlr7sHA84NWJ for <apps-discuss@core3.amsl.com>; Wed, 24 Mar 2010 14:30:06 -0700 (PDT)
Received: from mail-iw0-f189.google.com (mail-iw0-f189.google.com []) by core3.amsl.com (Postfix) with ESMTP id 6CF823A69ED for <apps-discuss@ietf.org>; Wed, 24 Mar 2010 14:29:54 -0700 (PDT)
Received: by iwn27 with SMTP id 27so3960704iwn.5 for <apps-discuss@ietf.org>; Wed, 24 Mar 2010 14:30:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=+0lAKLpJHrCbNWdgM/RyLSOpTh6RScjDndP+dCMXfKE=; b=ZJkrnnuYk4aGnUSJseQ0At1AGgJlAraYCD/+RIcpYOMR1qLzq5mNDaO4ztcDMyZJNi vRjG4hSsAmokMItgxbr1vPPkG5ANQ/YOVOIDbsW81DOrDNCJwuFr/1NlcNuApBJD8stY y53tRYrXWVuNdTyZpWJ/aml/u5TaVVROr7L90=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=skPmW2n8ep20niWU83Cj3ZOXixIbW8eOwFlle1SkXFOh2s4wCkYSGfhzFu2FzcsGKx MjQRNETjmBoNdAZCXZN8/A5SElCjl8Iv7PE+7obdGGFrtF+bkBEnAL049YXYIB7Y4xrL MHp/f8Qupc5/2ELo7GOBNCJZhhHgsdL7yEMv8=
MIME-Version: 1.0
Received: by with SMTP id p15mr828718ibw.91.1269466212767; Wed, 24 Mar 2010 14:30:12 -0700 (PDT)
Date: Wed, 24 Mar 2010 17:30:12 -0400
Message-ID: <bb9e09ee1003241430g5c863bdbvb3320e2f40b0f686@mail.gmail.com>
Subject: FTP Extensions for Cryptographic Hashes (draft-bryan-ftp-hash)
From: Anthony Bryan <anthonybryan@gmail.com>
To: apps-discuss@ietf.org, Tim Kosse <tim.kosse@filezilla-project.org>, Alfred HÎnes <ah@tr-sys.de>, john+ietf@jck.com
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2010 21:30:07 -0000


This ID proposes a feature where FTP clients can request the hash of a
file. A number of FTP clients and servers have implemented multiple
commands (XMD5, XSHA1, SITE SHOHASH, etc) that are not formally
specified, leading to non-interoperability and confusion.

We have talked to FTP application authors that are interested in this
feature. Others have previously resisted implementing this feature
because it isn't formally specified.

We already have some issues from Alfred Hoenes and John Klensin to
address. If you are interested, please review & reply.

(( Anthony Bryan ... Metalink [ http://www.metalinker.org ]
  )) Easier, More Reliable, Self Healing Downloads

A new version of I-D, draft-bryan-ftp-hash-00.txt has been
successfully submitted by Anthony Bryan and posted to the IETF

Filename:        draft-bryan-ftp-hash
Revision:        00
Title:           FTP Extensions for Cryptographic Hashes
Creation_date:   2010-03-23
WG ID:           Independent Submission
Number_of_pages: 7

The specification for the File Transfer Protocol does not include
methods to obtain cryptographic hashes of files.  Cryptographic
hashes can be used to identify files and verify integrity.
Unfortunately, because of the desire for this feature, multiple
commands that are not formally specified have been implemented in FTP
applications leading to non-interoperability and confusion.  This
specification documents an optional command where FTP clients can
request the cryptographic hash of a file from a FTP server.