Network Working Group J. Klensin Internet-Draft Updates: 959 (if approved) A. Hoenes Intended status: Standards Track TR-Sys Expires: April 19, 2010 October 16, 2009 FTP Extension Registry draft-klensin-ftp-registry-02.txt Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on April 19, 2010. Copyright Notice Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents in effect on the date of publication of this document (http://trustee.ietf.org/license-info). Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Abstract Every version of the FTP specification has added a few new commands, with the early ones summarized in RFC 959. RFC 2389 established a Klensin & Hoenes Expires April 19, 2010 [Page 1] Internet-Draft FTP Extension Registry October 2009 mechanism for specifying and negotiating FTP extensions. As the number of those extensions increases, it appears useful to establish an IANA registry of FTP Command and Feature names to reduce the likelihood of conflict of names and the consequent ambiguity. This specification establishes that registry. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Discussion List . . . . . . . . . . . . . . . . . . . . . 3 2. Registry Definition . . . . . . . . . . . . . . . . . . . . . 3 2.1. Registry Name . . . . . . . . . . . . . . . . . . . . . . 3 2.2. Registry Format . . . . . . . . . . . . . . . . . . . . . 3 2.3. Criteria for Registration . . . . . . . . . . . . . . . . 5 2.4. Base FTP Commands Not Listed in Registry . . . . . . . . . 5 2.5. Obsolete Commands not Listed . . . . . . . . . . . . . . . 6 3. Initial Contents of Registry . . . . . . . . . . . . . . . . . 6 4. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 6. Security Considerations . . . . . . . . . . . . . . . . . . . 8 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9 7.1. Normative References . . . . . . . . . . . . . . . . . . . 9 7.2. Informative References . . . . . . . . . . . . . . . . . . 9 Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 10 A.1. Changes in Version-01 . . . . . . . . . . . . . . . . . . 10 A.2. Changes in Version-02 . . . . . . . . . . . . . . . . . . 10 A.3. Changes in Version-03 . . . . . . . . . . . . . . . . . . 10 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 10 Klensin & Hoenes Expires April 19, 2010 [Page 2] Internet-Draft FTP Extension Registry October 2009 1. Introduction Every version of the FTP specification has added a few new commands, with the early ones summarized in RFC 959 [RFC0959]. RFC 2389 [RFC2389] established a mechanism for specifying and negotiating extensions to the FTP protocol specified in RFC 959 [RFC0959], by means of "FEAT Strings" identifying extensions supported by the FTP server, and sent in response to a "FEAT" command. As the number of those extensions increases, it appears useful to establish an IANA registry to reduce the likelihood of conflict of names and the consequent ambiguity. This specification establishes that registry. 1.1. Discussion List [[ RFC Editor: please remove this section before publication. ]] Until and unless a WG is created, this proposal will be discussed on the list apps-discuss@ietf.org 2. Registry Definition 2.1. Registry Name The recommended name of this registry is "FTP Extensions". 2.2. Registry Format IANA is requested to establish a registry for FTP commands and extensions whose entries should include the following: Command Name - The FTP command, either new or modified, used in the extension or with which the extension is used. Following the long-standing practice to capitalize command names in specification documents for FTP, the command names are entered in all uppercase. For extensions amending the operation of a command, a plus sign ("+") is appended to the command name. However, an extension might not be bound to one command (or a small number of commands), but affect the overall command parameter handling and/or transaction processing; in this case, the string "-N/A-" is entered. It is intended to have the registry entries ordered by ascending ASCII collation order. Klensin & Hoenes Expires April 19, 2010 [Page 3] Internet-Draft FTP Extension Registry October 2009 Extension name - The name of the extension. FTP extensions predating [RFC2389], and some extensions published after it as well, did not specify a keyword to identify the extension in a FEAT response. Some other specifications later have established FEAT strings with the respective command names as their keywords. In order to reserve keywords for future specifications in such cases, this document establishes 'placeholder' keywords to reserve reasonable feature names for future standardization. To accommodate for this idiosyncrasy, the column in the registry is entitled "FEAT Code", and to clearly distinguish between the two cases, defined FEAT keywords codes are listed in all uppercase, whereas 'placeholder' keywords are listed in lowercase. Future specifications are allowed to "upgrade" a placeholder to a true keyword, but otherwise IANA maintains uniqueness of feature names (FEAT codes) based on case-insensitive comparison. Description - A brief description of the extension and, where appropriate, the command. FEAT String - (optional in registration requests to the IANA) The string expected to be included in the response to the FEAT command (see RFC 2389 [RFC2389]) if the extension is supported. In many cases, the FEAT string required to identify an extension only consists of the "FEAT Code", making this item redundant. Therefore, this item should only be specified if it is intended to register a FEAT string that contains more mandatory elements than the mere "FEAT Code". Due to space restrictions, and to allow registrants to provide additional information as well, IANA should present these registration items (if given) in numbered footnotes to the table, not in an additional table column. Command Type - The type (or 'kind') of the command. Section 4.1 of RFC 959 [RFC0959] has introduced a subdivision of FTP commands into three types: Access control, transfer Parameter {setting}, and Service {execution}. For clarity and as a service to the user of the registry, this subdivision is extended to all registered FTP commands, using the characteristic initial of the type, 'a', 'p', or 's', respectively, filed in the registry column entitled "type"; combinations are allowed, e.g. 'p/s' Conformance Requirements - The support expectation for the command. [RFC0959] specifies mandatory-to-implement commands and optional commands. This classification is carried over to all registered commands, using a column entitled "conf" carrying a single character -- either 'm' or 'o', for "mandatory" and "optional", respectively. Beyond the initial registrations, Standards Action [RFC5226] is needed to register new "mandatory" entries. Klensin & Hoenes Expires April 19, 2010 [Page 4] Internet-Draft FTP Extension Registry October 2009 Reference - A reference to an RFC or other definition of the extension and/or to implementations supporting it (see the next section). 2.3. Criteria for Registration This registry is primarily intended to avoid conflicting uses of the same extension names and command keywords for different purposes, not to demonstrate that an extension is somehow "approved". The "expert review" method will be used, but the designated expert is expected to check only that one of the two criteria that follow are met. 1. The extension is described in an RFC or other generally-available publication for which the fact of publication indicates some level of peer review of document quality. 2. The extension is actually implemented in FTP client and server systems that are generally available (not necessarily either free or unencumbered, but available) and those systems are identified as part of the documentation requirement above. For an extension or command to be marked "mandatory" ('m' in the "conf" column), an IETF Standards Track Specification is required. An IESG Standards Action is allowed to direct IANA to change the Conformance Requirements listed for any entry. 2.4. Base FTP Commands Not Listed in Registry The following commands are part of the base FTP specification [RFC0959] and hence are not listed in the registry. Mandatory commands: ABOR, ACCT, ALLO, APPE, CWD, DELE, HELP, LIST, MODE, NLST, NOOP, PASS, PASV, PORT, QUIT, REIN, REST, RETR, RNFR, RNTO, SITE, STAT, STOR, STRU, TYPE, USER Optional commands: CDUP, MKD, PWD, RMD, SMNT, STOU, SYST Note: STD 3 [RFC1123] contains important complementary information for the following commands: LIST, NLST, PASV, REST, SITE, STOU Klensin & Hoenes Expires April 19, 2010 [Page 5] Internet-Draft FTP Extension Registry October 2009 2.5. Obsolete Commands not Listed The following commands were specified as experimental in [RFC0775] but later deprecated by [RFC1123] and are hence not listed, because [RFC0959] specifies their standard successors. XCUP, XCWD, XMKD, XPWD, XRMD The following commands were specified as part of the "FOOBAR" IPng effort in [RFC1545][RFC1639] and are now obsolete. LPRT, LPSV 3. Initial Contents of Registry As a service to users of the registry and the authors of existing specifications, all FTP commands and features published in RFCs after STD 3 [RFC1123] and up at the time of this writing are included into the registry upon creation. The following pseudo FEAT codes have been assigned, according to Section 2: secu - FTP Security Extensions [RFC2228] feat - FTP Feature Negotiation [RFC2389] nat6 - FTP Ext'ns for NAT/IPv6 [RFC2428] Using conservative judgment of implementation requirements as contemporarily seen, the extensions specified in [RFC2389] and [RFC2428] have been marke "mandatory" below: without RFC 2389 [RFC2389], feature negotiation is impossible, and RFC 2428 [RFC2428] specifies commands that are essential for FTP operation in many parts the of the current Internet, in the presence of middleboxes and firewalls, and for FTP transport over IPv6. Klensin & Hoenes Expires April 19, 2010 [Page 6] Internet-Draft FTP Extension Registry October 2009 +-------+--------+-----------------+------+------+------------------+ | cmd | FEAT | description | type | conf | RFC#s/References | | | Code | | | | and Notes | +-------+--------+-----------------+------+------+------------------+ | ADAT | secu | Authent./ | a | o | 2228,2773,4217 | | | | Security Data | | | | | AUTH+ | secu | Authent./ | a | o | 2228 | | | | Security | | | | | | | Mechanism | | | | | AUTH+ | AUTH | Authent./ | a | o | 2773,4217 #1 | | | | Security | | | | | | | Mechanism | | | | | CCC | secu | Clear Command | a | o | 2228 | | | | Channel | | | | | CONF | secu | Confident. | a | o | 2228 | | | | Protected | | | | | | | Command | | | | | ENC | secu | Privacy | a | o | 2228,2773,4217 | | | | Protected | | | | | | | Command | | | | | EPRT | nat6 | Extended Port | p | m | 2428 | | EPSV | nat6 | Extended | p | m | 2428 | | | | Passive Mode | | | | | FEAT | feat | Feature | a | m | 2389 | | | | Negotiation | | | | | LANG | UTF8 | (Server | p | o | 2640 | | | | Messages) | | | | | | | Language | | | | | MDTM | MDTM | File | s | o | 3659 | | | | Modification | | | | | | | Time | | | | | MIC | secu | Integrity | a | o | 2228,2773,4217 | | | | Protected | | | | | | | Command | | | | | MLSD | MLST | List Directory | s | o | 3659 | | | | (for machine) | | | | | MLST | MLST | List Single | s | o | 3659 | | | | Object | | | | | OPTS | feat | Options | p | m | 2389 | | PBSZ | secu | Protection | p | o | 2228 | | | | Buffer Size | | | | | PBSZ+ | PBSZ | Protection | p | o | 4217 | | | | Buffer Size | | | | | PROT | secu | Data Channel | p | o | 2228 | | | | Prot. Level | | | | | PROT+ | PROT | Data Channel | p | o | 4217 | | | | Prot. Level | | | | Klensin & Hoenes Expires April 19, 2010 [Page 7] Internet-Draft FTP Extension Registry October 2009 | REST | REST | Restart (for | s/p | m | 3659 #2 | | | | STREAM mode) | | | | | SIZE | SIZE | File Size | s | o | 3659 | | -N/A- | TVFS | Trivial Virtual | p | o | 3659 | | | | File Store | | | | +-------+--------+-----------------+------+------+------------------+ Table 1 Footnotes: #1 FEAT String for [RFC4217]: AUTH TLS FEAT String for [RFC2773]: AUTH KEA-SKIPJACK #2 FEAT String: REST STREAM 4. Acknowledgments Any work to update or extend FTP depends on the base specification in RFC 959. The contributions of its editors, Jon Postel and Joyce Reynolds, are gratefully acknowledged. The option negotiation mechanism specified in RFC 2389 and the accumulation of features that has followed it made this registry relevant; the authors of those documents are acknowledged as well. Barry Leiba and Alexey Melnikov made several suggestions about earlier drafts of this document, most of which have been incorporated. 5. IANA Considerations IANA is requested to establish the registry described in Section 2. New entries should be added to this registry when extensions to FTP are approved or defined in published RFCs or when extensions that are already in use and well-documented are identified. In other words, the requirement for registration is "Specifications Required" [RFC5226] with Expert Review. See Section 2.3 for specifics and one exception. 6. Security Considerations The creation of this registry provides improved documentation and protection against interoperability problems. It introduces no new Klensin & Hoenes Expires April 19, 2010 [Page 8] Internet-Draft FTP Extension Registry October 2009 security issues. 7. References 7.1. Normative References [RFC0959] Postel, J. and J. Reynolds, "File Transfer Protocol", STD 9, RFC 959, October 1985. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2228] Horowitz, M., "FTP Security Extensions", RFC 2228, October 1997. [RFC2389] Hethmon, P. and R. Elz, "Feature negotiation mechanism for the File Transfer Protocol", RFC 2389, August 1998. [RFC2428] Allman, M., Ostermann, S., and C. Metz, "FTP Extensions for IPv6 and NATs", RFC 2428, September 1998. [RFC2773] Housley, R. and P. Yee, "Encryption using KEA and SKIPJACK", RFC 2773, February 2000. [RFC4217] Ford-Hutchinson, P., "Securing FTP with TLS", RFC 4217, October 2005. [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008. 7.2. Informative References [RFC0775] Mankins, D., Franklin, D., and A. Owen, "Directory oriented FTP commands", RFC 775, December 1980. [RFC1123] Braden, R., "Requirements for Internet Hosts - Application and Support", STD 3, RFC 1123, October 1989. [RFC1545] Piscitello, D., "FTP Operation Over Big Address Records (FOOBAR)", RFC 1545, November 1993. [RFC1639] Piscitello, D., "FTP Operation Over Big Address Records (FOOBAR)", RFC 1639, June 1994. Klensin & Hoenes Expires April 19, 2010 [Page 9] Internet-Draft FTP Extension Registry October 2009 Appendix A. Change Log A.1. Changes in Version-01 Updated document to reflect new date and IPR statement. A.2. Changes in Version-02 Several small changes in response to initial AD review. Changed registry model from "extension" to "command" + "extension". While ??? Corrections from Alfred Hoenes, followed by adding his initial registry list and adding him as co-author. A.3. Changes in Version-03 Added description of the derivation of Table 1 to Section 3. Swapped columns 2 and 3 in Table 1. Consolidated "cmd" column content format to tag command amendments and FTP features without a particular command, and renamed space eating column 5 to "conf". Added missing footnotes to Table 1. Aligned Section 2 with Table 1, adding much information on column format; removed orphan; specified collation of entries by "cmd". Introduced Standards Track requirement for commands in the registry to be designated as mandatory in Section 2.3 and Section 2; specified particular IESG change control for the "conf" column in the registry. Split list in Section 2.4 into Mandatory and Optional, added pointer to RFC 1123. Mention std. replacements per RFC 959 in Section 2.5. Numerous editorial fixes. Klensin & Hoenes Expires April 19, 2010 [Page 10] Internet-Draft FTP Extension Registry October 2009 Authors' Addresses John C Klensin 1770 Massachusetts Ave, Ste 322 Cambridge, MA 02140 USA Phone: +1 617 245 1457 Email: john+ietf@jck.com Alfred Hoenes TR-Sys Gerlinger Str. 12 Ditzingen D-71254 Germany Email: ah@TR-Sys.de Klensin & Hoenes Expires April 19, 2010 [Page 11]