[Standards-JIG] File Transfer: advanced features

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Tue Mar 2 18:06:16 UTC 2004

Replying to myself with further thoughts..

On Monday 01 March 2004 2:45 pm, Justin Karneges wrote:
> My initial thoughts are that TLS would be suitable for solving 1 & 2, and
> should be relatively easy to implement, considering that many clients
> already use it for connecting to the Jabber server.

Another possibility might be to use session keys negotiated by JEP-0116 to 
protect an S5B connection.  This would give us PGP identity capability 
without the need for the TLS library to support it (since it seems to be a 
rare feature).  Also, clients that don't wish to use a form of PKI for 
identity could take advantage of cached esession public keys to protect a 
file transfer just as they would a stanza.  JEP-0116 also supports 

> However, JEP-0105 doesn't sit well with me, mainly because of it's really
> loose sense as an SI profile (it's a stream initiation of no stream at
> all), and the fact that you'd have to send the meta-data of all files at
> the start, which could be large.  Perhaps we should look at how other
> protocols, such as SFTP, transfer trees or a batch of files before making a
> decision here.

A further thought on the subject of transferring multiple files in succession 
is the ability to reuse existing stream layers.  Transferring lots of files 
would result in many unnecessary S5B negotiations and tear-downs, when it 
would probably be better to just send all the files over one channel.


More information about the Standards mailing list