[JDEV] File Transfer Proposals

Julian Missig julian at jabber.org
Sat Feb 16 23:51:06 CST 2002

On Sun, 2002-02-17 at 00:45, Iain Shigeoka wrote:
> On 2/16/02 2:39 PM, "Julian Missig" <julian at jabber.org> wrote:
> > I want to get OOB and PASS working with decent JEPs before we even begin
> > arguing webdav & friends, because that has a lot of the filesharing and
> > caching issues...
> > 
> > As for using your own protocol, I'm not a fan of that at all. There is
> > really no reason to recreate HTTP/FTP and other such file-sending
> > protocols. The entire point of sending files out-of-bound is that there
> > are existing protocols which already do it and do it better, because
> > they have experience.
> [snip]
> > So, again I ask for comments which tell me *what is wrong with HTTP/FTP
> > OOB and PASS*, not comments which tell me how you want to do it.
> I think the problem is one we've been hitting a lot in standards and
> security discussion lately: defining target markets (i.e., what the hell are
> you talking about?)
> I believe a lot of the controversy is really coming from the fact that "file
> transfer" has almost no meaning.  One person may be seeing this as passing
> 2k graphics files for in-chat emoticons.  Another as 2MB confidential
> spreadsheets between coworkers.  Another as 56kb streaming media.  Another
> as legal 2gb divx movies (webdav?), and yet another as pirated 2gb divx
> movies (gnutella?)  Now you can be really ambitious and try and come up with
> a single solution that meets these (and the many other) possible markets for
> file transfer protocols.  Or you can narrow your scope.  Either way though,
> the real critical piece is defining what we're trying to do here.  It is
> impossible to define any sort of right or wrong criteria if we don't even
> know what the problem is.
> I think it is good to create a FT protocol.  I think it is going to be hard
> to do so to many/most/anyone's satisfaction if you don't first say what
> you're trying to do.
> Sarcasm alert!
> So to answer your question:
> http/ftp is too open.  I need to control bandwidth on server x
> http/ftp is too difficult.  I need async, bi-directional, connections
> through NAT/firewalls and can't run PASS (I run no servers)
> http/ftp is too fat.  I just need to send 1k emoticons and don't want to run
> the bloat of having a compliant http client and server on my 10kb pda
> client.
> http/ftp is too limited.  I need about 100 features that neither provides.
> http/ftp is too secure.  I need anonymous, under the radar FT ala JXTA
> http/ftp is too insecure.  I need security as a hospital transferring
> medical documents that must conform to HIPAA security legislation.
> http/ftp is too accountable.  I need a way to trade (illegal) bytes without
> legal liability
> http/ftp is not accountable.  I need to be able to audit and limit all
> communication and document transfer within my law/accounting firm as SEC
> regulations require...
> http/ftp is too reliable.  I need to send UDP-like streaming media where
> missing data is best missed rather than retransmitted.
> http/ftp is not reliable.  I need to send new programs to the controller
> managing my x billion dollar satellite and it has to happen in real-time or
> I'm screwed
> And on and on and on

There's a difference between *needing* a protocol for a specific purpose
and designing a new protocol just because you don't feel like using the
existing. Especially when the new protocol has the exact same
limitations as the existing ones.

email: julian at jabber.org
jabber:julian at jabber.org

More information about the JDev mailing list