IETF-SSH archive


RE: I-D ACTION:draft-ietf-secsh-filexfer-08.txt



Sorry for the delay in getting comments in, but I've been out due to my wife having a baby.


section 4.6 version re-negotiation
"If the client and server have negotiated any version higher than version '3'..."
should be:
"If the client and server have negotiated any version greater than or equal to version '3'..." (or something with similar meaning)

section 3.3 mentions the possibility of using SSH_FXP_EXTENDED to negotiate the uses for packet types 210-255, and refers to the section on the extensions.  But the section on extensions (9.) does not mention a formal way of negotiating usage.  How about something like:

    byte   SSH_FXP_EXTENDED
    uint32 request-id
    string "negotiate-extension"
    string extension-name

the returned packet would be something of:
    byte   SSH_FXP_EXTENDED_REPLY
    uint32 request-id
    uint32 status (SSH_FX_OK, SSH_FX_OP_UNSUPPORTED, SSH_FX_FAILURE)
    uint32 value to use if SSH_FX_OK, optional secondary status if failure

A status value of SSH_FX_OP_UNSUPPORTED would indicate that the "negotiate-extension" extended command is not supported. No secondary status is present in this case.

A status value of SSH_FX_FAILURE would indicate that "negotiate-extension" is supported, but that an opcode number could not be assigned.  A secondary status of SSH_FX_OP_UNSUPPORTED would indicate that the requested extension is not supported, or negotiation to assign it a number is not supported.  (Note that support of the extension can be determined by the "supported-features" extension in the SSH_FXP_VERSION packet.)

9.1.2 Could "check-file" be modified to be "check-file" or "check-file-handle" (the first accepting a filename, the second a handle)?  This would allow the implementation to avoid having to do an FXP_OPEN first.

Whether or not the suggested change is made, the description for the handle has some awkwardness to it:
"If ACE4_READ_DATA MUST was not included when the file was opened, the server MUST return STATUS_PERMISSION_DENIED."  The first MUST looks like it is extraneous.
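
Added example, not part of the original message or of the draft: a Python sketch of the proposed "negotiate-extension" exchange that builds the request and strictly validates the reply, including the 210-255 range from section 3.3. The function names are hypothetical; the numeric packet-type and status values are the ones the filexfer drafts define.

```python
import struct

# Packet types and status codes as numbered in the filexfer drafts.
SSH_FXP_EXTENDED = 200
SSH_FXP_EXTENDED_REPLY = 201
SSH_FX_OK, SSH_FX_FAILURE, SSH_FX_OP_UNSUPPORTED = 0, 4, 8


def _string(data: bytes) -> bytes:
    """SSH 'string': uint32 length followed by the bytes."""
    return struct.pack(">I", len(data)) + data


def build_negotiate_request(request_id: int, extension_name: str) -> bytes:
    """Serialize the proposed request behind the usual uint32 packet length."""
    body = (struct.pack(">BI", SSH_FXP_EXTENDED, request_id)
            + _string(b"negotiate-extension")
            + _string(extension_name.encode("utf-8")))
    return struct.pack(">I", len(body)) + body


def parse_negotiate_reply(packet: bytes, expected_id: int):
    """Return (outcome, value); outcome is 'assigned', 'no-negotiation',
    'extension-unsupported' or 'failed'. Malformed input raises ValueError."""
    if len(packet) < 4:
        raise ValueError("truncated length prefix")
    body = packet[4:]
    if struct.unpack_from(">I", packet)[0] != len(body):
        raise ValueError("length prefix does not match body")
    if len(body) not in (9, 13):  # with or without the trailing uint32
        raise ValueError("unexpected reply size")
    ptype, req_id, status = struct.unpack_from(">BII", body)
    if ptype != SSH_FXP_EXTENDED_REPLY or req_id != expected_id:
        raise ValueError("not the reply to this request")
    # The fourth field is optional on failure and absent when unsupported.
    extra = struct.unpack_from(">I", body, 9)[0] if len(body) == 13 else None
    if status == SSH_FX_OP_UNSUPPORTED and extra is None:
        return ("no-negotiation", None)
    if status == SSH_FX_OK and extra is not None:
        # Never accept a number that collides with standard packet types.
        if not 210 <= extra <= 255:
            raise ValueError("assigned packet type outside 210-255")
        return ("assigned", extra)
    if status == SSH_FX_FAILURE:
        unsupported = extra == SSH_FX_OP_UNSUPPORTED
        return ("extension-unsupported" if unsupported else "failed", extra)
    raise ValueError("status/body combination not in the proposal")
```
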



