[JDEV] File transfer ideas

Dave dave at dave2.dave.tj
Sat Feb 16 18:20:04 CST 2002 

Just BTW, using FTP would make the protocol VERY firewall-unfriendly,
because one of the parties (depending on whether you're using passive
mode or not) has to open a new listening port, and has to inform the other
what port was opened.  Unless the firewall also knows that it's supposed
to open that port (i.e., some sort of smart FTP proxy/firewall/router),
tranfers using FTP will be impossible.)  In effect, all transfers in FTP
are OOB, so we'd be creating the exact same problems we're trying to avoid
by using FTP.  HTTP does everything in one connection (as does SMTP),
so either of those can easily be implemented via the PASS component.

Dave Cohen <dave at dave.tj>


David Sutton wrote:
> 
> Hi there,
> 
> On Fri, 2002-02-15 at 22:19, jankowski at bigwhoop.org wrote:
> > 
> > /me agrees - I havent really seen a thorough, complete description with
> > any of the new file xfer ideas...
> >
> Nor have I, hence starting the ball rolling :)
> >
> > Also, what cant people do w/ OOB that they want to?
> >
> I think the main issue with the whole file transfer is that the aim is
> to keep the file transfer out of the xml stream used by the jabber
> client itself .. xml isn't good at binary, and large quantities of data
> make IM become NQIM .. Not Quite Instant Messaging :)
>  
> >
> > I think it would be a cool if a client implemented an
> > in-client-temporary-mini-httpd, using any port they wanted, to serve files
> > to those requesting them.  Seems like you could roll enough security into
> > the randomness of a generated URI to do at least what any other idea
> > would, or at a minimum provide as much security as your jabber
> > conversation would otherwise have.  That also keeps file transfer as p2p,
> > and doesnt burden the server.
> >
> One of the key problems of the client serving the file is that it stops
> anyone behind a firewall being able to send files, something that will
> affect many business users, and often normal home users too .. I know of
> several isps who put give dialin users a reserved class ip address, and
> use a masquerading firewall for the net access .. its secure, and
> protects the users, but it also stops anyone being able to see your
> machine.
>  
> >
> > The suggestion here seems like something better handled by, for example, a
> > "file aggregating component"(ala an FTP service), which could clearly use
> > a combination of OOB and some discovery method to do what it needed to.
> > 
> I used HTTP as a reference as it is the most popular of the protocols
> mentioned, and many people already use that for the various different
> mini-implementations i've seen .. there is nothing to stop you from
> using FTP instead of HTTP, apart from the fact that HTTP is still
> prefered in the whole scheme of firewalls than FTP is from what i've
> seen .. although I may be wrong and i'd be the first to admit that :)
> 
> David
> ---
> jid: peregrine at jabber.sys.legend.net.uk
> 
> -- rest of included message --
> 
> > -Matt
> > 
> > On Fri, 15 Feb 2002, Dave wrote:
> > 
> > > It sounds quite cool, but I just have a few quick questions:
> > > Can you please define "server?"
> > > Can you please define "client?"
> > > Can you please define "sender?"
> > > Can you please define "receiver?"
> > > Can you please define "user?"
> > >
> > > I was having a little trouble following the specifics, and I suspect that
> > > a more concrete definition for each term will probably help me out a bit.
> > >
> > > Sorry,
> > > Dave Cohen <dave at dave.tj>
> > 
> > 
> > _______________________________________________
> > jdev mailing list
> > jdev at jabber.org
> > http://mailman.jabber.org/listinfo/jdev
> 
> 
> 
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev
>

More information about the JDev mailing list