Re: [ftpext] FWD: ftp/959 reboot
Daniel Stenberg <daniel@haxx.se> Thu, 05 August 2010 21:18 UTC
Return-Path: <daniel@haxx.se>
X-Original-To: ftpext@core3.amsl.com
Delivered-To: ftpext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 205933A6A3F for <ftpext@core3.amsl.com>; Thu, 5 Aug 2010 14:18:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.724
X-Spam-Level:
X-Spam-Status: No, score=-4.724 tagged_above=-999 required=5 tests=[AWL=-2.475, BAYES_00=-2.599, HELO_EQ_SE=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lSfzsw6TbHpN for <ftpext@core3.amsl.com>; Thu, 5 Aug 2010 14:18:48 -0700 (PDT)
Received: from giant.haxx.se (giant.haxx.se [80.67.6.50]) by core3.amsl.com (Postfix) with ESMTP id 2EBEF3A6959 for <ftpext@ietf.org>; Thu, 5 Aug 2010 14:18:47 -0700 (PDT)
Received: from giant.haxx.se (dast@giant.haxx.se [80.67.6.50]) by giant.haxx.se (8.14.3/8.14.3/Debian-9.1) with ESMTP id o75LJLfe026711; Thu, 5 Aug 2010 23:19:21 +0200
Date: Thu, 05 Aug 2010 23:19:21 +0200
From: Daniel Stenberg <daniel@haxx.se>
X-X-Sender: dast@giant.haxx.se
To: "William F. Maton" <wmaton@ottix.net>
In-Reply-To: <Pine.LNX.4.64.1008051641520.24282@iskra.ottix.net>
Message-ID: <alpine.DEB.2.00.1008052249300.11871@tvnag.unkk.fr>
References: <Pine.LNX.4.64.1008051641520.24282@iskra.ottix.net>
User-Agent: Alpine 2.00 (DEB 1167 2008-08-23)
X-fromdanielhimself: yes
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format="flowed"; charset="US-ASCII"
X-Greylist: Default is to whitelist mail, not delayed by milter-greylist-4.3.5 (giant.haxx.se [80.67.6.50]); Thu, 05 Aug 2010 23:19:21 +0200 (CEST)
Cc: ftpext@ietf.org
Subject: Re: [ftpext] FWD: ftp/959 reboot
X-BeenThere: ftpext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <ftpext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ftpext>, <mailto:ftpext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ftpext>
List-Post: <mailto:ftpext@ietf.org>
List-Help: <mailto:ftpext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ftpext>, <mailto:ftpext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Aug 2010 21:18:50 -0000
On Thu, 5 Aug 2010, William F. Maton wrote (quoting Gregory Lundberg): > Anyone today who attempts to determine what the protocol *is* has to look at > far to many RFCs, some offering contradictory specifications. This is > unacceptable for one of the core protocols of the Internet. I can only agree that the situation is muddy and far from good. > A little analysis shows that the scheme used by HTTP works best when a large > number of relatively short transmissions are involved. But when the size > (or duration) of the transmission increases, the FTP quickly becomes more > efficient. > A re-boot of the FTP specification should include some discussion of this. > It servers both as a rationale as to why the protocol is still important, > and as a guide for implementors. I read this opinion from time to time, and I'm very curious: what facts or what particular details of TCP are you backing up this statement on (realizing this statement was quoted from a secondary author)? Why would a single HTTP stream be any worse than a single FTP stream? Given a large enough file, the tiny tiny difference that the HTTP headers add vanish, and the FTP transfer typically suffers from MANY more initial RTT delays etc. So yes, I would be very interested in such a rationale. In the past I've confronted others who have said similar things, but I've not yet heard anyone provide a believable explanation. > Care should be taken when specifying the operation of the FTP so as to not > specify or encourage the use of a particular implementation method. If we > look at the current FTP specification we see some discussion which does > promote a particular design. Really? As a client implementor I've never really seen that. Perhaps I'm just too indoctrinated by it by now. Any particular wordings or phrases that stand out and explain what you mean? > Another thing I'd suggest looking at is avoiding any semantic meaning for > the data channel. The term "file" is often used. But the data channel is > just a data channel. Once established, the FTP really does not care what is > sent, which direction it goes, or if data is travelling both wats at the > same time. The job of the FTP is to reliably and securely establish the data > channel between two resources; nothing more. I agree. I supposed we could look for inspirations for this in the httpbis work. > One of the great features of the FTP is the actual *EASE* with which the > protocol can be realized. It is virtually impossible to have a meaningful > HTTP session using Telnet. While this is little used, part of the power of > the FTP is it remains possible. I find that statement rather funny and something I wouldn't agree with. A HTTP-minded person would say it exactly the same way but replace HTTP and FTP in that sentense. The fact that HTTP is a single connection still wins I'd say, and makes TELNET possible while telnetting a FTP transfer with telnet requires two telnet invokes, or with PORT something like nc or what not. > The great failing of the FTP also stems from its strength. The use of a > second connumication channel opens the door to abuse or misdirection of that > channel. My experience with the data connection: it was possibly a good idea back in the early days. It is now a bad idea due to NATs, stateful firewalls, FTP over TLS and possibly other stuff. * NATs close idling connections, and there's no way to really portably keep traffic going on the control channel while a really long and slow data transfer is in process so implementations have to deal with the control channel being killed by the NAT before the data is done. * Firewalls need to understand FTP in order to support it fully without opening up ranges for it "just in case". * When FTP traffic is sent encrypted, said firewalls don't see the FTP traffic and thus cannot act stateful so the data connection cannot get setup. -- / daniel.haxx.se
- [ftpext] FWD: ftp/959 reboot William F. Maton
- Re: [ftpext] FWD: ftp/959 reboot Daniel Stenberg
- Re: [ftpext] FWD: ftp/959 reboot Anthony Bryan
- Re: [ftpext] FWD: ftp/959 reboot Daniel Stenberg
- Re: [ftpext] FWD: ftp/959 reboot William F. Maton
- Re: [ftpext] FWD: ftp/959 reboot Anthony Bryan
- Re: [ftpext] FWD: ftp/959 reboot Anthony Bryan
- Re: [ftpext] FWD: ftp/959 reboot William F. Maton
- Re: [ftpext] FWD: ftp/959 reboot William F. Maton
- Re: [ftpext] FWD: ftp/959 reboot Anthony Bryan
- Re: [ftpext] FWD: ftp/959 reboot William F. Maton
- Re: [ftpext] FWD: ftp/959 reboot Anthony Bryan
- Re: [ftpext] FWD: ftp/959 reboot Tim Kosse
- Re: [ftpext] FWD: ftp/959 reboot Anthony Bryan
- Re: [ftpext] FWD: ftp/959 reboot Paul Ford-Hutchinson
- Re: [ftpext] FWD: ftp/959 reboot Paul Ford-Hutchinson
- Re: [ftpext] FWD: ftp/959 reboot William F. Maton
- Re: [ftpext] FWD: ftp/959 reboot Iljitsch van Beijnum
- Re: [ftpext] FWD: ftp/959 reboot Anthony Bryan