Re: [ftpext] [BEHAVE] one week WGLC, draft-ietf-behave-ftp64-05

Iljitsch van Beijnum <iljitsch@muada.com> Wed, 22 December 2010 11:40 UTC

Return-Path: <iljitsch@muada.com>
X-Original-To: ftpext@core3.amsl.com
Delivered-To: ftpext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A75B63A6AD9; Wed, 22 Dec 2010 03:40:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.3
X-Spam-Level:
X-Spam-Status: No, score=-102.3 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_22=0.6, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aCt6qzsT4DyX; Wed, 22 Dec 2010 03:39:19 -0800 (PST)
Received: from sequoia.muada.com (unknown [IPv6:2001:1af8:2:5::2]) by core3.amsl.com (Postfix) with ESMTP id 64B113A6B14; Wed, 22 Dec 2010 03:39:19 -0800 (PST)
Received: from claw.it.uc3m.es ([163.117.139.69]) (authenticated bits=0) by sequoia.muada.com (8.13.3/8.13.3) with ESMTP id oBMBfDjQ063719 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Wed, 22 Dec 2010 12:41:13 +0100 (CET) (envelope-from iljitsch@muada.com)
Mime-Version: 1.0 (Apple Message framework v1082)
Content-Type: text/plain; charset=us-ascii
From: Iljitsch van Beijnum <iljitsch@muada.com>
In-Reply-To: <9B57C850BB53634CACEC56EF4853FF653447ECAF@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com>
Date: Wed, 22 Dec 2010 12:40:38 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <8B73074C-5B7E-425F-B8B2-C28757FB7CD6@muada.com>
References: <0cac01cb58ea$32d19a60$9874cf20$@com> <9B57C850BB53634CACEC56EF4853FF65343005F2@TK5EX14MBXW601.wingroup.windeploy.ntdev.microsoft.com> <B166ACF7-FA96-4954-8411-A86BC7923A76@muada.com> <9B57C850BB53634CACEC56EF4853FF653447D195@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com> <9B57C850BB53634CACEC56EF4853FF653447ECAF@TK5EX14MBXW604.wingroup.windeploy.ntdev.microsoft.com>
To: Dave Thaler <dthaler@microsoft.com>
X-Mailer: Apple Mail (2.1082)
Cc: draft-ietf-behave-ftp64@tools.ietf.org, ftpext@ietf.org, Behave WG <behave@ietf.org>
Subject: Re: [ftpext] [BEHAVE] one week WGLC, draft-ietf-behave-ftp64-05
X-BeenThere: ftpext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <ftpext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ftpext>, <mailto:ftpext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ftpext>
List-Post: <mailto:ftpext@ietf.org>
List-Help: <mailto:ftpext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ftpext>, <mailto:ftpext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Dec 2010 11:40:25 -0000

[CC to ftpext, please prune as desired when following up]

On 22 dec 2010, at 1:32, Dave Thaler wrote:

> To your later question, Microsoft's IIS does support RFC 2640
> in its FTP server.  Microsoft's current FTP clients, on the other hand, do not
> support RFC 2640.

And so does ProFTPD.

I quickly checked maybe a dozen FTP sites. A few of them supported LANG, although none any languages other than English, one UTF8 but not LANG, one LANG but not FEAT (which is in non-conformance to RFC 2640). So I guess a quick deprecation is off the table.

After reading RFC 2640 a bit more closely, it turns out that it actually allows CR/LFs in filenames, but those are escaped using a null character. This probably warrants a warning in the FTP64 document, as ALG implementers may not be aware of this and of course a null character has special meaning in languages such as C.

Back to the original problem.

Ideally, the ALG would observe the LANG negotiation and then send text in the desired language. However, there is no way to make sure that the ALG supports all the languages that clients and servers may support, so even if the ALG makes this attempt, there will be cases when it can't provide text in the desired language.

When that happens, there are two choices:

1. block the LANG negotiation and use the default language

2. ignore the LANG negotiation and use the default language

The advantage of 1 is consistency. However, this is more complex to implement and despite some evidence of LANG support I fear that actual use of this feature is too low to see good real-world testing, so there is a significant risk of bugs that won't come to light until the ALG is widely deployed. Another downside is that the user is now deprived of text in the desired language for text sent by the server that isn't touched by the ALG. Most notably, this would be the greetings. With failed LANG negotiation, users probably also wouldn't be able to use UTF-8 user names, passwords or path names.

The advantage of 2 is implementation simplicity and that the majority of the text is still in the desired language. However, some server responses will be in the ALG's (default) language rather than in the negotiated language. (But informed users can still see what's going on from the numeric response, the text is merely additional information.)

I propose the following:

- provide some explanation of the issue in the document
- ALGs MUST support UTF-8 and the CR0LF thing
- ALGs MAY monitor the LANG negotiation and adjust their language accordingly (with no opinion about what happens when the ALG supports the user desired language but the server doesn't)
- if the ALG doesn't monitor the LANG negotiation or doesn't support the negotiated language, it uses its default language

Thoughts?