[Standards-JIG] File Transfer: advanced features

[Justin Karneges]

Now that a few clients have implemented the new file transfer specification, I 
think it's worth discussing possible enhancements.  There are 3 major 
features I have in mind:

1) Encryption
2) Compression
3) Folder/batch transfer

My initial thoughts are that TLS would be suitable for solving 1 & 2, and 
should be relatively easy to implement, considering that many clients already 
use it for connecting to the Jabber server.

Normally, TLS uses X.509 for identity purposes, but using PGP keys is possible 
with this extension:
  http://www.ietf.org/internet-drafts/draft-ietf-tls-openpgp-keys-04.txt
And of course, compression using this extension:
  http://www.ietf.org/internet-drafts/draft-ietf-tls-compression-07.txt

I'm not sure which libraries support which features, but I believe OpenSSL at 
least supports compression, and GnuTLS supports openpgp keys.

One question this raises is whether or not the TLS layer belongs at the file 
fransfer level or the stream layer level.  For instance, IBB could be secured 
using a stanza-level security protocol (such as JEP-0116), and thus wouldn't 
need additional file transfer encryption.  So perhaps what we want here is an 
extension to JEP-0065 (S5B), to support TLS.

Folder/batch transfer is a tricky issue.  We seem to already have a JEP to 
cover folders, called 'Tree Transfer' (JEP-0105).  It seems that this JEP 
could easily be modified to support batch transfers as well, by allowing any 
number of <directory> or <file> children of the <tree> element.

However, JEP-0105 doesn't sit well with me, mainly because of it's really 
loose sense as an SI profile (it's a stream initiation of no stream at all), 
and the fact that you'd have to send the meta-data of all files at the start, 
which could be large.  Perhaps we should look at how other protocols, such as 
SFTP, transfer trees or a batch of files before making a decision here.

-Justin