Re: SSH File Transfer Protocol - draft-moonesamy-secsh-filexfer-00

"denis bider \(Bitvise\)" <ietf-ssh3@denisbider.com> Fri, 12 July 2013 15:44 UTC

From: "denis bider (Bitvise)" <ietf-ssh3@denisbider.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>, S Moonesamy <sm+ietf@elandsys.com>
Cc: ietf-ssh@NetBSD.org
Subject: Re: SSH File Transfer Protocol - draft-moonesamy-secsh-filexfer-00
Date: Fri, 12 Jul 2013 08:42:40 -0600

A fair number of implementations, including ours, implement SFTP versions 4 
and 6, as specified in:

draft-ietf-secsh-filexfer-13.txt

as well as extensions specified in:

draft-galb-filexfer-extensions-00.txt

Just because one open source implementation chooses to be stuck in the 
past - apparently because SFTP version 3 is simplistic, and offered most of 
what is needed on their target platform - doesn't mean it should get to 
dictate the standard.

The latest SFTP version is 6. Restarting standardization at 3 doesn't mean 
implementations of 4 and 6 are going to go away. It in fact means that two 
concurrent SFTP version trees are going to exist in the future. I think this 
is a poor decision, and I do not support it.

Any standardization efforts should continue where these documents left off:

draft-ietf-secsh-filexfer-13.txt
draft-galb-filexfer-extensions-00.txt

If OpenSSH chooses to be stuck in the past and implement an older version of 
the protocol known as SFTP version 3, then the OpenSSH project can document 
the version they implement, but based on one implementation, that doesn't 
need to be an internet standard.


-----Original Message----- 
From: S Moonesamy
Sent: Friday, July 12, 2013 06:18
To: Peter Gutmann
Cc: ietf-ssh@NetBSD.org
Subject: Re: SSH File Transfer Protocol - draft-moonesamy-secsh-filexfer-00

Hi Peter,
At 04:37 12-07-2013, Peter Gutmann wrote:
>Some background information on this decision would be useful, for example why
>restart work on it now, and why use version 3 of the protocol as the baseline?

There was a short discussion a few months ago about Section 6.1 of an
expired SFTP draft.  I used Version 3 as the baseline as that is
the version which OpenSSH implemented.  In my opinion it would be
easier to document Version 3 as an IETF specification instead of
trying to pursue the previous efforts.

Regards,
S. Moonesamy