On Sun, 2002-02-17 at 00:45, Iain Shigeoka wrote: > On 2/16/02 2:39 PM, "Julian Missig" <[EMAIL PROTECTED]> wrote: > > > I want to get OOB and PASS working with decent JEPs before we even begin > > arguing webdav & friends, because that has a lot of the filesharing and > > caching issues... > > > > As for using your own protocol, I'm not a fan of that at all. There is > > really no reason to recreate HTTP/FTP and other such file-sending > > protocols. The entire point of sending files out-of-bound is that there > > are existing protocols which already do it and do it better, because > > they have experience. > > [snip] > > > So, again I ask for comments which tell me *what is wrong with HTTP/FTP > > OOB and PASS*, not comments which tell me how you want to do it. > > I think the problem is one we've been hitting a lot in standards and > security discussion lately: defining target markets (i.e., what the hell are > you talking about?) > > I believe a lot of the controversy is really coming from the fact that "file > transfer" has almost no meaning. One person may be seeing this as passing > 2k graphics files for in-chat emoticons. Another as 2MB confidential > spreadsheets between coworkers. Another as 56kb streaming media. Another > as legal 2gb divx movies (webdav?), and yet another as pirated 2gb divx > movies (gnutella?) Now you can be really ambitious and try and come up with > a single solution that meets these (and the many other) possible markets for > file transfer protocols. Or you can narrow your scope. Either way though, > the real critical piece is defining what we're trying to do here. It is > impossible to define any sort of right or wrong criteria if we don't even > know what the problem is. > > I think it is good to create a FT protocol. I think it is going to be hard > to do so to many/most/anyone's satisfaction if you don't first say what > you're trying to do. > > Sarcasm alert! > > So to answer your question: > > http/ftp is too open. I need to control bandwidth on server x > http/ftp is too difficult. I need async, bi-directional, connections > through NAT/firewalls and can't run PASS (I run no servers) > http/ftp is too fat. I just need to send 1k emoticons and don't want to run > the bloat of having a compliant http client and server on my 10kb pda > client. > http/ftp is too limited. I need about 100 features that neither provides. > http/ftp is too secure. I need anonymous, under the radar FT ala JXTA > http/ftp is too insecure. I need security as a hospital transferring > medical documents that must conform to HIPAA security legislation. > http/ftp is too accountable. I need a way to trade (illegal) bytes without > legal liability > http/ftp is not accountable. I need to be able to audit and limit all > communication and document transfer within my law/accounting firm as SEC > regulations require... > http/ftp is too reliable. I need to send UDP-like streaming media where > missing data is best missed rather than retransmitted. > http/ftp is not reliable. I need to send new programs to the controller > managing my x billion dollar satellite and it has to happen in real-time or > I'm screwed > And on and on and on
There's a difference between *needing* a protocol for a specific purpose and designing a new protocol just because you don't feel like using the existing. Especially when the new protocol has the exact same limitations as the existing ones. Julian -- email: [EMAIL PROTECTED] jabber:[EMAIL PROTECTED] _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
