[JDEV] File Transfer Proposals

Iain Shigeoka iainshigeoka at yahoo.com
Sat Feb 16 23:45:02 CST 2002

On 2/16/02 2:39 PM, "Julian Missig" <julian at jabber.org> wrote:

> I want to get OOB and PASS working with decent JEPs before we even begin
> arguing webdav & friends, because that has a lot of the filesharing and
> caching issues...
> As for using your own protocol, I'm not a fan of that at all. There is
> really no reason to recreate HTTP/FTP and other such file-sending
> protocols. The entire point of sending files out-of-bound is that there
> are existing protocols which already do it and do it better, because
> they have experience.


> So, again I ask for comments which tell me *what is wrong with HTTP/FTP
> OOB and PASS*, not comments which tell me how you want to do it.

I think the problem is one we've been hitting a lot in standards and
security discussion lately: defining target markets (i.e., what the hell are
you talking about?)

I believe a lot of the controversy is really coming from the fact that "file
transfer" has almost no meaning.  One person may be seeing this as passing
2k graphics files for in-chat emoticons.  Another as 2MB confidential
spreadsheets between coworkers.  Another as 56kb streaming media.  Another
as legal 2gb divx movies (webdav?), and yet another as pirated 2gb divx
movies (gnutella?)  Now you can be really ambitious and try and come up with
a single solution that meets these (and the many other) possible markets for
file transfer protocols.  Or you can narrow your scope.  Either way though,
the real critical piece is defining what we're trying to do here.  It is
impossible to define any sort of right or wrong criteria if we don't even
know what the problem is.

I think it is good to create a FT protocol.  I think it is going to be hard
to do so to many/most/anyone's satisfaction if you don't first say what
you're trying to do.

Sarcasm alert!

So to answer your question:

http/ftp is too open.  I need to control bandwidth on server x
http/ftp is too difficult.  I need async, bi-directional, connections
through NAT/firewalls and can't run PASS (I run no servers)
http/ftp is too fat.  I just need to send 1k emoticons and don't want to run
the bloat of having a compliant http client and server on my 10kb pda
http/ftp is too limited.  I need about 100 features that neither provides.
http/ftp is too secure.  I need anonymous, under the radar FT ala JXTA
http/ftp is too insecure.  I need security as a hospital transferring
medical documents that must conform to HIPAA security legislation.
http/ftp is too accountable.  I need a way to trade (illegal) bytes without
legal liability
http/ftp is not accountable.  I need to be able to audit and limit all
communication and document transfer within my law/accounting firm as SEC
regulations require...
http/ftp is too reliable.  I need to send UDP-like streaming media where
missing data is best missed rather than retransmitted.
http/ftp is not reliable.  I need to send new programs to the controller
managing my x billion dollar satellite and it has to happen in real-time or
I'm screwed
And on and on and on


Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

More information about the JDev mailing list