Re: A future for the SSH File Transfer Protocol?

[Darren Moffat <Darren.Moffat%eng.sun.com@localhost>]

> - Instead of separate getuserbyname and getuserbyuid calls, we have
>   a single "getuser" call, whose argument is itself a USER data

I hate to say it but this whole SFTP + USERDB is starting to look
suspiciously like NFSv2 + NIS ;-)

I'd like to suggest that before the group goes any further with SFTP we
stop and do a requirements spec.  

What problem are we really trying to solve for the end user ?

In particular is the goal a file transfer protocol along the lines of
FTP (as the name would suggest) or is it a file sharing protocol more
in line with NFS or CIFS.  Some of the suggestions make me thing it is
drifting somewhere between the two at the moment (which isn't a bad
thing as long as we know what problem we are trying to solve).

Why doesn't running the FTP protocol over SSH transport help,
(I know about the issues with FTP as a protocol but I think it wouldn't
hurt for the wg to document them the a requirements spec).

Why doesn't NFSv4 solve their problems either (I think it would in
theory be possible to have the SSH protocol stack as a GSS mechanism
that NFSv4 could run over).

One final thing, if SFTP is truly independent of the SSH transport as
the last revision of the draft stated is SECSH-WG really the correct
group to be designing it ?  What is it about SFTP that makes it
suitable for the security area ? Would a group in the applications area
be more appropriate ?

--
Darren J Moffat