On Wednesday, December 28, 2005 11:55:00 AM +0100 Tom Petch <nwnetworks%dial.pipex.com@localhost> wrote:
----- Original Message ----- From: "Salowey, Joe" <jsalowey%cisco.com@localhost> To: <ietf-ssh%NetBSD.org@localhost> Sent: Wednesday, December 28, 2005 2:40 AM Subject: SFTP URI issuesSeveral issues have been raised in the past month over the SFTP URI. Issue #1: On the IETF list several people expressed concern that the scheme name "sftp" might be confused with RFC 913 (Simple FTP) or RFC 2228/4217 (FTP security extensions using TLS). While I think 913 is historic and unlikely to cause confusion I believe there are implementations of TLS FTP around. I think there are probably many more implementations of sftp and many people would understand that SFTP is file transfer in SSH, but there is room for confusion. We could either note the confusion and keep sftp or select some other scheme name such as sshftp and reserve sftp so no other protocol uses it.Choose another one! ideally one starting with ftp like ftps or ftpssh; for me it is the ftp that matters most, with ssh being subsidiary to that (in an ssh WG, it it tempting but I think misleading to put it the other way round:-)
The widely adopted convention for naming "protocol X over TLS" is to append an "s" to the name of protocol X (https, imaps, etc). Using that name for this protocol would be highly misleading.
Second, it is worth noting that this protocol is _not_ FTP over SSH; it is the "SSH File Transfer Protocol", so named because it was originally intended to be carried over SSH, though I don't believe there is anything which prevents its use over other stream-oriented transports. You could begin calling the protocol "SSHFTP" instead of "SFTP", but I think that's likely to cause more confusion than does the conflict with RFC913, not to mention being harder to say. Calling the protocol "FTPSSH" or "FTPS" would be wrong; those aren't abbreviations for the name of the protocol, and are likely to confuse people into thinking you're talking about FTP-over-SSH or FTP-over-TLS, and this is neither. Using either of those as URI keywords would have exactly the same problem.
Personally, I think as long as people refer to the protocol as "SFTP", the SSH subsystem name used by the protocol is "sftp", and multiple implementations call their client "sftp", it would be silly and confusing to use any other name in the construction of a URI scheme.
-- Jeff