IETF-SSH archive


Re: future SFTP version question



pgut001%cs.auckland.ac.nz@localhost (Peter Gutmann) writes:

> "denis bider" <ietf-ssh%denisbider.com@localhost> writes:
> 
> >Whether or not this is something for a separate Internet-Draft (documenting
> >the SFTP extension) or something that can be added to SFTP itself as an
> >optional feature is, I guess, up for the workgroup or the SFTP draft editor
> >to decide.
> 
> If you're going to produce signed receipts as proof-of-delivery, you're well
> into S/MIME / PGP territory. This seems to be going way beyond what SSH
> should be doing [...]

I agree this seems to be beyond what standard sftp is supposed to do.
And I also don't see why sftp extensions are crucial for supporting
the given use case. One could use plain sftp (or *any* file transfer
mechanism, for that matter) and the following convention:

  * Client uploads the file "foo" into a particular directory or using some
    particular naming scheme.

  * When upload is complete (sftp close), the server processes the
    file using the signature mechanisms of its choice (pgp, s/mime,
    whatever), and writes a receipt as a new file "foo.receipt".

  * The client downloads "foo.receipt". Everyone is happy.

Adding extensions to sftp to do this has the potential advantage of
letting us standardize it, but I seriously doubt it's worth the
effort; it seems too obscure and specialized.

Regards,
/Niels
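
Added example, not part of the original message or of any SFTP implementation: a sketch of the "foo" / "foo.receipt" convention described above, with the server building a receipt over the uploaded bytes and the client checking the downloaded receipt against what it sent. The function names, the JSON receipt layout and the demo key are assumptions, and HMAC-SHA256 stands in for the PGP or S/MIME signature the message mentions.

```python
import hashlib
import hmac
import json

# Assumption: a shared demo key. HMAC stands in for a PGP or S/MIME signature;
# a MAC lets the client check the receipt but, unlike a real signature,
# proves nothing to a third party.
DEMO_KEY = b"constructed-demo-key"


def _canonical(body: dict) -> bytes:
    # Canonical encoding so both sides compute the tag over identical bytes.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def make_receipt(name: str, data: bytes, received_at: str, key: bytes = DEMO_KEY) -> bytes:
    """Server side: run after the upload is closed; returns the bytes of '<name>.receipt'."""
    body = {
        "file": name,
        "size": len(data),
        "sha256": hashlib.sha256(data).hexdigest(),
        "received_at": received_at,
    }
    tag = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    return json.dumps({"body": body, "tag": tag}, sort_keys=True).encode()


def check_receipt(receipt: bytes, name: str, data: bytes, key: bytes = DEMO_KEY) -> bool:
    """Client side: accept the receipt only if it is authentic and describes our upload."""
    try:
        doc = json.loads(receipt)
        body, tag = doc["body"], doc["tag"]
    except (ValueError, KeyError, TypeError):
        return False  # truncated or malformed receipt
    if not isinstance(body, dict) or not isinstance(tag, str):
        return False
    expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return False  # receipt was altered or not produced with this key
    # An authentic receipt for some other upload must not be accepted for this one.
    return (
        body.get("file") == name
        and body.get("size") == len(data)
        and body.get("sha256") == hashlib.sha256(data).hexdigest()
    )
```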


