| <!DOCTYPE html>
|
|
|
| <html lang="en">
|
| <head>
|
| <title>FtpServer draft-twine-ftpmd5-00 — Apache MINA</title>
|
|
|
| <link href="/assets/css/common.css" rel="stylesheet" type="text/css"/>
|
| <link href="/assets/css/ftpserver.css" rel="stylesheet" type="text/css"/>
|
| </head>
|
| <body>
|
| <script src="https://www.apachecon.com/event-images/snippet.js"></script>
|
| <div id="container">
|
| <div id="header">
|
| <div id="subProjectsNavBar">
|
| <a href="/">
|
|
|
| Apache MINA Project
|
|
|
| </a>
|
| |
|
| <a href="/mina-project/">
|
|
|
| MINA
|
|
|
| </a>
|
| |
|
| <a href="/asyncweb-project/">
|
|
|
| AsyncWeb
|
|
|
| </a>
|
| |
|
| <a href="/ftpserver-project/">
|
|
|
| <strong>FtpServer</strong>
|
|
|
| </a>
|
| |
|
| <a href="/sshd-project/">
|
|
|
| SSHD
|
|
|
| </a>
|
| |
|
| <a href="/vysper-project/">
|
|
|
| Vysper
|
|
|
| </a>
|
| </div>
|
| </div>
|
|
|
|
|
| <div id="content">
|
| <div id="leftColumn">
|
| <div id="navigation">
|
| <a class="acevent" data-format="wide" data-width="170"></a>
|
| <h5>Social Networks</h5>
|
| <ul>
|
| <li><a href="https://fosstodon.org/@apachemina">Apache MINA Mastodon</a></li>
|
| </ul>
|
| <h5>Overview</h5>
|
| <ul>
|
| <li><a href="/ftpserver-project/index.html">Home</a> </li>
|
| <li><a href="/ftpserver-project/features.html">Features</a> </li>
|
| <li><a href="/ftpserver-project/download_1_1.html">FtpServer 1.1.4</a></li>
|
| <li><a href="/ftpserver-project/download_1_2.html">FtpServer 1.2.0</a></li>
|
| <li><a href="/ftpserver-project/old-downloads.html">Old Downloads</a></li>
|
| <li><a href="/ftpserver-project/documentation.html">Documentation</a></li>
|
| <li><a href="/ftpserver-project/gen-docs/latest-1.1/apidocs/index.html" class="external-link" rel="nofollow">API Javadoc 1.1.4</a></li>
|
| <li><a href="/ftpserver-project/gen-docs/latest-1.2/apidocs/index.html" class="external-link" rel="nofollow">API Javadoc 1.2.0</a></li>
|
| <li><a href="/ftpserver-project/getting_source.html">Sources</a></li>
|
| <li><a href="/ftpserver-project/faq.html">FAQ</a></li>
|
| <li><a href="/ftpserver-project/related_project.html">Related Project</a></li>
|
| </ul>
|
|
|
| <h5>Community</h5>
|
| <ul>
|
| <li><a href="/ftpserver-project/mailing_list.html">Mailing Lists</a></li>
|
| <li><a href="/ftpserver-project/getting_involved.html">Getting Involved</a></li>
|
| <li><a href="/ftpserver-project/reporting_bug.html">Reporting a Bug</a></li>
|
| <li><a href="/ftpserver-project/contributors.html">Contributors</a></li>
|
| <li><a href="https://www.apache.org/foundation/contributing.html">Contributing</a></li>
|
| <li><a href="https://www.apache.org/licenses/">License</a></li>
|
| <li><a href="https://www.apache.org/security/">Security</a></li>
|
| </ul>
|
|
|
| <h5>Sponsorship</h5>
|
| <ul>
|
| <li><a href="https://www.apache.org/foundation/thanks.html">Thanks</a></li>
|
| <li><a href="https://www.apache.org/foundation/sponsorship.html">Sponsorship</a></li>
|
| <li><a href="https://www.apache.org/">apache.org</a></li>
|
| </ul>
|
| </div>
|
| </div>
|
| <div id="rightColumn">
|
|
|
|
|
| |
| <h1 id="draft-twine-ftpmd5-00">draft-twine-ftpmd5-00</h1> |
| <div class="highlight"><pre style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4"><code class="language-text" data-lang="text">INTERNET-DRAFT JRTwine Software, LLC |
| draft-twine-ftpmd5-00.txt May, 2002 |
| |
| |
| The 'MD5' and "MMD5" FTP Command Extensions |
| |
| Status of This Document |
| |
| This document is an Internet-Draft and is subject to all provisions |
| of Section 10 of RFC2026. |
| |
| Internet-Drafts are working documents of the Internet Engineering |
| Task Force (IETF), its areas, and its working groups. Note that |
| other groups may also distribute working documents as |
| Internet-Drafts. |
| |
| Internet-Drafts are draft documents valid for a maximum of six |
| months and may be updated, replaced, or obsoleted by other |
| documents at any time. It is inappropriate to use |
| Internet-Drafts as reference material or to cite them other than as |
| "work in progress" |
| |
| The list of current Internet-Drafts can be accessed at |
| http://www.ietf.org/1id-abstracts.html |
| |
| The list of Internet-Draft Shadow Directories can be accessed at |
| http://www.ietf.org/shadow.html |
| |
| |
| Abstract |
| |
| This document specifies two additions to the File Transfer Protocol |
| (FTP). These additions (new Server commands) would give FTP |
| Servers the ability to generate (or otherwise obtain) and return |
| MD5 checksums for the files it has available for transfer. |
| |
| It is the author's belief that this would provide a great benefit |
| to the Internet community, because it would allow automated |
| transfer agents, as well as Web Browsers and other |
| "click-to-download" applications to be able to automatically verify |
| the data of a downloaded file, and hence be able to detect any data |
| tampering and/or corruption that may occurred while "on the wire", |
| or possibly while the file was on the Server (a virus infection). |
| |
| |
| Copyright Notice |
| |
| This document is in the public domain. Any and all copyright |
| protection that might apply in any jurisdiction is expressly |
| disclaimed. |
| |
| |
| Comments |
| |
| Comments should be directed to James R. Twine (jtwine@jrtwine.com). |
| |
| J.Twine Internet-Draft [Page 1] |
| |
| INTERNET-DRAFT The 'MD5' and "MMD5" FTP Command Extensions May 2002 |
| |
| Table of Contents |
| |
| Abstract . . . . . . . . . . . . . . . . . . . . . . . . . . 1 |
| Table of Contents . . . . . . . . . . . . . . . . . . . . . 2 |
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 |
| 2. Rational . . . . . . . . . . . . . . . . . . . . . . . . . . 3 |
| 3. Server Requirements . . . . . . . . . . . . . . . . . . . . 3 |
| 3.1 Command Format (MD5) . . . . . . . . . . . . . . . . . . . 4 |
| 3.1.1 MD5 Examples . . . . . . . . . . . . . . . . . . . . . . . 4 |
| 3.2 Command Format (MMD5) . . . . . . . . . . . . . . . . . . . 5 |
| 3.2.1 MMD5 Examples . . . . . . . . . . . . . . . . . . . . . . 5 |
| 4. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 |
| 5. Author's Address . . . . . . . . . . . . . . . . . . . . . . 6 |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| J.Twine Internet-Draft [Page 2] |
| |
| INTERNET-DRAFT The 'MD5' and "MMD5" FTP Command Extensions May 2002 |
| |
| 1. Introduction |
| |
| This Draft is being distributed to members of the Internet |
| community in order to solicit their reactions to the proposals |
| contained in it. |
| |
| |
| 2. Rational |
| |
| FTP is still very much in use on the Internet. These days, some |
| servers make available files that contain the checksums for some of |
| the files that are available. These available checksums allow |
| users to be able to verify the content of the files that they have |
| downloaded. |
| |
| However, this introduces some additional overhead: these MD5 |
| checksums must be manually generated, put into a file, the file |
| placed where it can be accessed. Then, users must manually |
| download the file containing the checksum, generate an MD5 checksum |
| from the file they just downloaded, and (usually) visually compare |
| the two checksums to determine the validity of the file. |
| |
| Having these tasks automated, by making the MD5 checksums available |
| directly from the FTP Server proper, and having file-transfer |
| implementations use them, alleviates some of the user intervention |
| that would otherwise be required. |
| |
| |
| 3. Server Requirements |
| |
| FTP Servers would have to implement a new server-side command, |
| called "MD5", this command would normally generate and return a |
| MD5 for the specified file. |
| |
| Optionally, the FTP Server could also implement the "MMD5" command, |
| which is used to obtain MD5 checksums for multiple files using a |
| single request. |
| |
| (These commands impose no specific or additional syntax on the |
| formatting of a filepath, they use the Server's existing |
| conventions.) |
| |
| The Server implementation is also free to use some form of |
| caching to keep the generated MD5 checksums, so that the MD5 |
| checksum values do not have to be regenerated over and over again |
| when requested. |
| |
| This also allows the Server implementations to maintain some level |
| of security: the Server can expose administrative commands that |
| regenerate the cache of MD5 checksums on command, thus allowing |
| for "known good" checksums to be kept, and would be insensitive to |
| things like the file becoming corrupted or otherwise tampered with |
| after the "known good" MD5 checksum was generated. |
| |
| |
| J.Twine Internet-Draft [Page 3] |
| |
| INTERNET-DRAFT The 'MD5' and "MMD5" FTP Command Extensions May 2002 |
| |
| A Server implementation could even take that approach one step |
| further: by generating additional MD5 checksums "on the fly" and |
| comparing them to the "known good" values that were stored earlier, |
| the Server would now have the ability to detect file corruption |
| and/or tampering earlier than the user would normally discover. |
| |
| The command would support a full or relative path, so that a |
| directory change would not be necessary in order to obtain the |
| MD5 checksum of a particular file. Of course, the command |
| should normally be restricted to the directory tree and/or files |
| that the connected user would normally have access to. |
| |
| |
| 3.1 Command Format (MD5) |
| |
| The "MD5" command is used to obtain a MD5 checksum for a single |
| file, and is specified as follows: |
| |
| MD5 [Filepath] |
| |
| Possible responses to this command would normally include: |
| |
| 251 [FilePath] E67DED2886048D308532042B777D53CF |
| 500 Command Not Recognized |
| 502 Command Not Implemented |
| 504 Command Not Implemented for the Specified Argument |
| |
| (Note that the returned MD5 checksum is in UPPERCASE.) |
| |
| A successful response of "251" would contain the specified |
| filepath (verbatim) followed by a space (or some amount of |
| whitespace), and then followed by the MD5 checksum value in |
| ASCII format. |
| |
| An error return of "500" would be for an obvious reason: the FTP |
| Server does not recognize the "MD5" command. |
| |
| An error return of "502" would be appropriate if the FTP Server |
| recognized the command, but did not support it, or the FTP Server |
| administrator disabled it. |
| |
| An error return of "504" would be appropriate if the user requested |
| an MD5 checksum for a directory (for example). |
| |
| 3.1.1 MD5 Examples |
| |
| This first example demonstrates a request for a MD5 checksum of a |
| single file ("C>" is Client input, and "S>" is Server response): |
| |
| C> MD5 filename.ext |
| S> 251 filename.ext E67DED2886048D308532042B777D53CF |
| |
| This second example demonstrates a request for a MD5 checksum of a |
| directory: |
| |
| J.Twine Internet-Draft [Page 4] |
| |
| INTERNET-DRAFT The 'MD5' and "MMD5" FTP Command Extensions May 2002 |
| |
| C> MD5 ".." |
| S> 504 Command Not Implemented for the Specified Argument |
| |
| |
| This third example demonstrates a request for a MD5 checksum of a |
| file using a relative path: |
| |
| C> MD5 "../SomeDir/A File.txt" |
| S> 251 "../SomeDir/A File.txt" 604E67DED8D308B777D53CF532042288 |
| |
| 3.2 Command Format (MMD5) |
| |
| The "MMD5" command is used to obtain MD5 checksums for multiple |
| files by a single request. Filepaths are comma separated, and are |
| specified as follows (it is to be considered valid to specify a |
| single filepath with with MMD5 command): |
| |
| MMD5 [Filepath1], [Filepath2] [...] |
| |
| Possible responses to this command would normally include: |
| |
| 252 [FilePath1] E67DED2886048D308532042B777D53CF,[Filepath2] |
| 308536048D20E67D77D53CFED28842B7 [...] |
| 500 Command Not Recognized |
| 502 Command Not Implemented |
| 504 Command Not Implemented for the Specified Argument |
| |
| A successful response of "252" would contain comma separated |
| "groups" of MD5 checksum information. Each group would contain the |
| specified filepath (verbatim) followed by a space (or some amount |
| of whitespace) followed by the MD5 checksum value in |
| ASCII format. |
| |
| An error return of "500" would be the same as described for the "MD5" |
| command. |
| |
| An error return of "502" would be appropriate if the "MMD5" command |
| was not implemented or disabled. |
| |
| An error return of "504" would be the same as described form the "MD5" |
| command, with this exception: of any of the specified filepaths were |
| invalid, the server would return this error code (i.e. it would |
| no MD5 checksums at all). |
| |
| |
| 3.2.1 MMD5 Examples |
| |
| This first example demonstrates a request for a MD5 checksum of a |
| single file: |
| |
| C> MMD5 filename.ext |
| S> 251 filename.ext E67DED2886048D308532042B777D53CF |
| |
| |
| J.Twine Internet-Draft [Page 5] |
| |
| INTERNET-DRAFT The 'MD5' and "MMD5" FTP Command Extensions May 2002 |
| |
| This second example demonstrates a request for the MD5 checksums |
| for two files: |
| |
| C> MMD5 filename.ext, "../SomeDir/A File.txt" |
| S> 252 filename.ext E67DED2886048D308532042B777D53CF, |
| "../SomeDir/A File.txt" 604E67DED8D308B777D53CF532042288 |
| |
| |
| This third example demonstrates a request for the MD5 checksums of |
| a file and a directory: |
| |
| C> MD5 filename.ext, ".." |
| S> 504 Command Not Implemented for the Specified Argument |
| |
| |
| 4. References |
| |
| [1] Postel, J., Reynolds J., "Instructions to RFC Authors", |
| RFC 2223, October 1997 |
| |
| [2] Postel, J., Reynolds J., "FILE TRANSFER PROTOCOL (FTP)", |
| RFC 959, October 1958 |
| |
| [3] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, |
| April 1992 |
| |
| [4] Various, "Guidelines to Authors of Internet-Drafts", |
| http://www.ietf.org/ietf/1id-guidelines.txt |
| |
| |
| 5. Author's Address |
| |
| James R. Twine |
| JRTwine Software, LLC |
| 379 Shirley Hill Road |
| Goffstown, NH, 03045 |
| (USA) |
| |
| Phone: +1 603-644-1307 |
| EMail: jtwine@jrtwine.com |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| J.Twine Internet-Draft [Page 6] |
| </code></pre></div> |
|
|
|
|
|
|
| </div>
|
| <div id="endContent"></div>
|
| </div>
|
|
|
| <div id="footer">
|
| © 2003-2024, <a href="https://www.apache.org">The Apache Software Foundation</a> - <a href="https://privacy.apache.org/policies/privacy-policy-public.html">Privacy Policy</a><br />
|
| Apache MINA, MINA, Apache Vysper, Vysper, Apache SSHd, SSHd, Apache FtpServer, FtpServer, Apache AsyncWeb, AsyncWeb,
|
| Apache, the Apache feather logo, and the Apache Mina project logos are trademarks of The Apache Software Foundation.
|
| </div>
|
|
|
| </div>
|
|
|
|
|
| </body>
|
|
|
| </html>
|