INTERNET-DRAFT JRTwine Software, LLC
draft-twine-ftpmd5-00.txt May, 2002
The 'MD5' and "MMD5" FTP Command Extensions
Status of This Document
This document is an Internet-Draft and is subject to all provisions
of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as
Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other
documents at any time. It is inappropriate to use
Internet-Drafts as reference material or to cite them other than as
"work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
Abstract
This document specifies two additions to the File Transfer Protocol
(FTP). These additions (new Server commands) would give FTP
Servers the ability to generate (or otherwise obtain) and return
MD5 checksums for the files they have available for transfer.
It is the author's belief that this would provide a great benefit
to the Internet community, because it would allow automated
transfer agents, as well as Web Browsers and other
"click-to-download" applications to be able to automatically verify
the data of a downloaded file, and hence be able to detect any data
tampering and/or corruption that may have occurred while "on the wire",
or possibly while the file was on the Server (a virus infection).
Copyright Notice
This document is in the public domain. Any and all copyright
protection that might apply in any jurisdiction is expressly
disclaimed.
Comments
Comments should be directed to James R. Twine (jtwine@jrtwine.com).
J.Twine Internet-Draft [Page 1]
INTERNET-DRAFT The 'MD5' and "MMD5" FTP Command Extensions May 2002
Table of Contents
Abstract
Table of Contents
1. Introduction
2. Rationale
3. Server Requirements
3.1 Command Format (MD5)
3.1.1 MD5 Examples
3.2 Command Format (MMD5)
3.2.1 MMD5 Examples
4. References
5. Author's Address
1. Introduction
This Draft is being distributed to members of the Internet
community in order to solicit their reactions to the proposals
contained in it.
2. Rationale
FTP is still very much in use on the Internet. These days, some
servers make available files that contain the checksums for some of
the files that are available. These available checksums allow
users to be able to verify the content of the files that they have
downloaded.
However, this introduces some additional overhead: these MD5
checksums must be manually generated and put into a file, and the
file placed where it can be accessed. Then, users must manually
download the file containing the checksum, generate an MD5 checksum
from the file they just downloaded, and (usually) visually compare
the two checksums to determine the validity of the file.
Having these tasks automated, by making the MD5 checksums available
directly from the FTP Server proper, and having file-transfer
implementations use them, alleviates some of the user intervention
that would otherwise be required.
3. Server Requirements
FTP Servers would have to implement a new server-side command,
called "MD5". This command would normally generate and return an
MD5 checksum for the specified file.
Optionally, the FTP Server could also implement the "MMD5" command,
which is used to obtain MD5 checksums for multiple files using a
single request.
(These commands impose no specific or additional syntax on the
formatting of a filepath; they use the Server's existing
conventions.)
The Server implementation is also free to use some form of
caching to keep the generated MD5 checksums, so that the MD5
checksum values do not have to be regenerated over and over again
when requested.
This also allows Server implementations to maintain some level
of security: the Server can expose administrative commands that
regenerate the cache of MD5 checksums on command, thus allowing
"known good" checksums to be kept. Such checksums would be
insensitive to things like the file becoming corrupted or otherwise
tampered with after the "known good" MD5 checksum was generated.
A Server implementation could even take that approach one step
further: by generating additional MD5 checksums "on the fly" and
comparing them to the "known good" values that were stored earlier,
the Server would now have the ability to detect file corruption
and/or tampering earlier than the user would normally discover it.
The command would support a full or relative path, so that a
directory change would not be necessary in order to obtain the
MD5 checksum of a particular file. Of course, the command
should normally be restricted to the directory tree and/or files
that the connected user would normally have access to.
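
One way a Server could combine the "known good" cache, the on-the-fly comparison and the directory restriction described above. This is an added example, not part of the draft: the class `Md5Store`, its method names and the `cwd` parameter are hypothetical, POSIX-style paths are assumed, and answering an out-of-tree path with 504 is an assumption (the draft only names directories as a 504 case).

```python
import hashlib
import os


class Md5Store:
    """Hypothetical server-side helper: known-good MD5 cache under one root."""

    def __init__(self, root):
        self.root = os.path.realpath(root)
        self.known_good = {}  # resolved path -> uppercase hex digest

    def resolve(self, cwd, filepath):
        """Map a client-supplied full or relative path to a file inside root."""
        base = "" if filepath.startswith("/") else cwd
        candidate = os.path.join(self.root, base.lstrip("/"), filepath.lstrip("/"))
        real = os.path.realpath(candidate)  # collapses ".." and symlinks
        if os.path.commonpath([self.root, real]) != self.root:
            return None  # escapes the tree the connected user may access
        return real if os.path.isfile(real) else None  # directories are refused

    @staticmethod
    def digest(path):
        h = hashlib.md5()
        with open(path, "rb") as fh:
            for chunk in iter(lambda: fh.read(65536), b""):
                h.update(chunk)
        return h.hexdigest().upper()  # the draft returns UPPERCASE

    def snapshot(self, cwd, filepath):
        """Administrative step: record the current digest as known good."""
        real = self.resolve(cwd, filepath)
        if real is not None:
            self.known_good[real] = self.digest(real)

    def reply(self, cwd, filepath):
        """Return (reply_line, intact); intact is False when the file no
        longer matches its known-good value."""
        real = self.resolve(cwd, filepath)
        if real is None:
            return "504 Command Not Implemented for the Specified Argument", None
        current = self.digest(real)
        cached = self.known_good.get(real, current)
        # Serve the stored value, echoing the filepath verbatim.
        return f"251 {filepath} {cached}", current == cached
```

A `False` in the second element is the Server-side signal the draft describes: the file on disk has diverged from the checksum recorded at snapshot time.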
3.1 Command Format (MD5)
The "MD5" command is used to obtain a MD5 checksum for a single
file, and is specified as follows:
MD5 [Filepath]
Possible responses to this command would normally include:
251 [FilePath] E67DED2886048D308532042B777D53CF
500 Command Not Recognized
502 Command Not Implemented
504 Command Not Implemented for the Specified Argument
(Note that the returned MD5 checksum is in UPPERCASE.)
A successful response of "251" would contain the specified
filepath (verbatim) followed by a space (or some amount of
whitespace), and then followed by the MD5 checksum value in
ASCII format.
An error return of "500" would be for an obvious reason: the FTP
Server does not recognize the "MD5" command.
An error return of "502" would be appropriate if the FTP Server
recognized the command, but did not support it, or the FTP Server
administrator disabled it.
An error return of "504" would be appropriate if the user requested
an MD5 checksum for a directory (for example).
3.1.1 MD5 Examples
This first example demonstrates a request for a MD5 checksum of a
single file ("C>" is Client input, and "S>" is Server response):
C> MD5 filename.ext
S> 251 filename.ext E67DED2886048D308532042B777D53CF
This second example demonstrates a request for a MD5 checksum of a
directory:
C> MD5 ".."
S> 504 Command Not Implemented for the Specified Argument
This third example demonstrates a request for a MD5 checksum of a
file using a relative path:
C> MD5 "../SomeDir/A File.txt"
S> 251 "../SomeDir/A File.txt" 604E67DED8D308B777D53CF532042288
3.2 Command Format (MMD5)
The "MMD5" command is used to obtain MD5 checksums for multiple
files by a single request. Filepaths are comma separated, and are
specified as follows (it is to be considered valid to specify a
single filepath with the MMD5 command):
MMD5 [Filepath1], [Filepath2] [...]
Possible responses to this command would normally include:
252 [FilePath1] E67DED2886048D308532042B777D53CF,[Filepath2]
308536048D20E67D77D53CFED28842B7 [...]
500 Command Not Recognized
502 Command Not Implemented
504 Command Not Implemented for the Specified Argument
A successful response of "252" would contain comma separated
"groups" of MD5 checksum information. Each group would contain the
specified filepath (verbatim) followed by a space (or some amount
of whitespace) followed by the MD5 checksum value in
ASCII format.
An error return of "500" would be the same as described for the "MD5"
command.
An error return of "502" would be appropriate if the "MMD5" command
was not implemented or disabled.
An error return of "504" would be the same as described for the "MD5"
command, with this exception: if any of the specified filepaths were
invalid, the server would return this error code (i.e. it would
return no MD5 checksums at all).
3.2.1 MMD5 Examples
This first example demonstrates a request for a MD5 checksum of a
single file:
C> MMD5 filename.ext
S> 251 filename.ext E67DED2886048D308532042B777D53CF
This second example demonstrates a request for the MD5 checksums
for two files:
C> MMD5 filename.ext, "../SomeDir/A File.txt"
S> 252 filename.ext E67DED2886048D308532042B777D53CF,
"../SomeDir/A File.txt" 604E67DED8D308B777D53CF532042288
This third example demonstrates a request for the MD5 checksums of
a file and a directory:
C> MMD5 filename.ext, ".."
S> 504 Command Not Implemented for the Specified Argument
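
A client-side parser for the "251" and "252" replies shown in sections 3.1 and 3.2, with the comparison a transfer agent would run after a download. This is an added example, not part of the draft: the function names are hypothetical, and both reply codes are accepted for either command because the first MMD5 example above shows a 251 reply.

```python
import hashlib
import re

# One "group": filepath (verbatim, possibly quoted), whitespace, 32 hex
# digits, then a comma or the end of the reply. Anchoring on the digest
# tolerates spaces and commas inside a filepath and replies wrapped over lines.
_GROUP = re.compile(r"\s*(.+?)\s+([0-9A-Fa-f]{32})\s*(?:,|$)", re.S)


def parse_md5_reply(reply):
    """Parse a 251/252 reply into {filepath: DIGEST}; raise on anything else."""
    code, _, rest = reply.strip().partition(" ")
    if code not in ("251", "252"):
        raise ValueError(f"server did not return checksums: {reply.strip()}")
    result, pos = {}, 0
    while pos < len(rest):
        m = _GROUP.match(rest, pos)
        if m is None:
            raise ValueError(f"malformed checksum group at offset {pos}")
        path = m.group(1)
        if len(path) >= 2 and path[0] == path[-1] == '"':
            path = path[1:-1]  # the draft's examples quote paths with spaces
        result[path] = m.group(2).upper()
        pos = m.end()
    return result


def verify_download(data, filepath, reply):
    """True if the MD5 of the downloaded bytes equals the Server's value."""
    expected = parse_md5_reply(reply).get(filepath)
    if expected is None:
        raise KeyError(f"no checksum returned for {filepath}")
    return hashlib.md5(data).hexdigest().upper() == expected
```

Because the reply arrives over the same connection as the file, a match shows that the download agrees with what the Server reported.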
4. References
[1] Postel, J., Reynolds, J., "Instructions to RFC Authors",
RFC 2223, October 1997
[2] Postel, J., Reynolds, J., "FILE TRANSFER PROTOCOL (FTP)",
RFC 959, October 1985
[3] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321,
April 1992
[4] Various, "Guidelines to Authors of Internet-Drafts",
http://www.ietf.org/ietf/1id-guidelines.txt
5. Author's Address
James R. Twine
JRTwine Software, LLC
379 Shirley Hill Road
Goffstown, NH, 03045
(USA)
Phone: +1 603-644-1307
EMail: jtwine@jrtwine.com