gateway
Click on the red underlined text to get to the source
... fielded on the Internet, the requirement for gateways between the two
protocol suites becomes more pressing.
...
...
This specification describes an application layer gateway providing
interoperability between the TCP/IP ...
... FTAM) protocol. The
proposed application layer gateway is based on a bi-directional set
of mappings between the FTP ...
...
Though it is anticipated that the application layer gateway will be
implemented on full protocol suites of both TCP/IP and OSI ...
... TCP/IP and OSI, at least
one implementation of such a gateway (included in the ISO Development
Environment) can be configured to operate FTAM ...
...
Ideas presented in this specification are based on lessons learned in
fielding the gateway on the MILNET, operational at NCTS Washington
D.C. since 1989, and on the efforts of M. A. Wallace et al. of the
National Institute of Standards and Technology ...
... NIST published a design document for an FTP-FTAM gateway.
Since that time, at least one implementation (for a subset of the FTP
...
... FTP
and FTAM protocols) of the gateway has been developed [MITRE87] and
is included with the ISODE. This implementation is based on the NIST ...
... is included with the ISODE. This implementation is based on the NIST
protocol translator gateway design [NIST86].
...
... FTP-FTAM
gateway concept is to:
* Enhance the user interaction capability provided by the ISODE
...
... * Produce a formal specification for the FTP-FTAM gateway suitable
for implementors to use in building additional FTP ...
... Overview of Gateway Operation ...
...
The gateway provides a virtual end-to-end application file transfer
service. As data is sent via FTP ...
... end-to-end application file transfer
service. As data is sent via FTP, the gateway immediately maps the
requested function to FTAM and passes it to the FTAM ...
... similar fashion, but using a different set of mappings, an FTAM
request is sent to the gateway, immediately mapped to an FTP
function, and passed along to the FTP ...
... the FTP-FTAM gateway plays when performing file transfers. For
example, when a file transfer ...
... Client, it
contacts the FTP Server portion of the gateway, which maps protocol
information to the FTAM Initiator ...
... information to the FTAM Initiator portion of the gateway, which in
turn contacts the remote FTAM Responder ...
... Gateway Architecture ...
... +------------+ +-------------+
Figure 3 - Gateway Protocol Stack
A fundamental aspect of this gateway ...
... Gateway Protocol Stack
A fundamental aspect of this gateway architecture is that data is
mapped and transmitted immediately; i.e., no transferred file need
...
... architecture is that data is
mapped and transmitted immediately; i.e., no transferred file need
ever reside on the gateway file system. In the context of this
...
... maintenance mechanisms provided by the operating system. This lack
of gateway filesystem interaction helps speed up the end-to-end data
transfer. Another speed-enhancing feature of this architecture is
...
... 2. Users require no knowledge of the other protocol.
3. Gateway access control is not impaired (since users cannot
directly access the gateway ...
... Gateway access control is not impaired (since users cannot
directly access the gateway filesystem).
4. No additional filesystem space is required on the gateway ...
... gateway filesystem).
4. No additional filesystem space is required on the gateway.
5. Interactive nature of protocols is preserved.
...
...
Disadvantages of this design include the initial coding effort
required to develop the gateway and the subsequent re-coding efforts
required to keep it current.
...
... Distinguished Names is to use
"User Friendly Naming", as defined in [KILLE92]. Gateway support for
"User Friendly Naming" is recommended, but not required.
...
... The FTP Client is responsible for providing the gateway with an
authoritative Distinguished Name, or a User Friendly Name, of the
...
... Distinguished Name, or a User Friendly Name, of the
desired OSI filestore. It is the responsibility of the gateway to
resolve this Distinguished Name, or User Friendly Name, to its
...
... Upon receipt of a Distinguished Name or a User Friendly Name, it is
the gateway's responsibility to resolve it to the Presentation
Address associated with that name. This resolution is done by
...
... Distinguished Name or User Friendly Name. Once the
Presentation address is obtained, the gateway can attempt a
connection with the ultimate destination ...
... the "user username" command. It is anticipated that stronger
authentication mechanisms will be required for DoD gateways in the
future.
...
... Client and the FTP-FTAM gateway at the Washington
Navy Yard, Washington D.C. Once connected, the OSI filestore at Open
...
... ftp> pass ***********
As this example indicates, use of an intermediate gateway is not
transparent. To partially alleviate this awkwardness, the gateway
...
... As this example indicates, use of an intermediate gateway is not
transparent. To partially alleviate this awkwardness, the gateway
can be made more transparent through the registration of the FTAM ...
... service.netwrx1.com" and the IP address of the "washdc1-
osigw.navy.mil" gateway. In this example, the following set of user
actions is required:
...
...
Since the "ftam-service.netwrx1.com" really points to the gateway
address, the first command will connect the FTP ...
... Client to the
gateway. The gateway will then use the name (using [RFC1279]) to
determine where the actual FTAM ...
... determine where the actual FTAM host is resident. Gateway support
for RFC1279exp is recommended, but not required.
...
... The FTAM Initiator is responsible for providing the gateway with an
authoritative DN of the desired TCP/IP ...
... DN of the desired TCP/IP filestore. It is the
responsibility of the gateway to resolve this DN to its corresponding
IP address ...
... FTAM
Initiator and the gateway. Once connected, userid and TCP/IP
filestore are identified in the "username ...
... user command.
The gateway should incorporate the BIND Resolver functionality so
that upon receipt of a Domain Name, the Gateway ...
... gateway should incorporate the BIND Resolver functionality so
that upon receipt of a Domain Name, the Gateway FTP Client can
...
... As mentioned in the previous section, "Use of the FTP-Initiated
Gateway Service", use of an intermediate gateway is not transparent.
...
... Gateway Service", use of an intermediate gateway is not transparent.
The gateway can be made more transparent through the registration ...
... Service", use of an intermediate gateway is not transparent.
The gateway can be made more transparent through the registration of
the FTP ...
... Address of the FTP-FTAM gateway. This approach,
described in [RFC1279], would permit the following user interactions:
...
... FTP-Initiated and FTAM-Initiated
Gateway Services, the gateway user does not have access to the
...
... Gateway Services, the gateway user does not have access to the
gateway filesystem; he merely makes use of the gateway ...
... Services, the gateway user does not have access to the
gateway filesystem; he merely makes use of the gateway logon
procedure to specify the ultimate destination ...
... gateway user does not have access to the
gateway filesystem; he merely makes use of the gateway logon
procedure to specify the ultimate destination userid and password ...
... host.
2. Determine which gateway is most appropriate for their
respective source-destination pair.
...
... destination pair.
3. Explicitly connect to the gateway host prior to connecting
to the destination host ...
... The latter, more transparent method does not necessarily require that
the user determine which gateway is most appropriate for their
respective source-destination pair. In fact, filestore service
providers ...
... service
providers are registered using the address of a predetermined
gateway. With this approach, the user:
1. Must be aware that a gateway ...
... gateway. With this approach, the user:
1. Must be aware that a gateway is required to reach the
destination FTP ...
... host.
2. Need not determine which gateway is most appropriate to
access their ultimate destination host.
...
... destination host.
3. Need not explicitly connect to the gateway prior to
connecting to the destination FTP ...
... exclusive set of state variables and transitions that
deterministically define the actions of the gateway. Gateway support
for these state ...
... state variables and transitions that
deterministically define the actions of the gateway. Gateway support
for these state variables and transitions is required.
...
... error conditions, if a connection is dropped when the
gateway is in any state other than FTP-I:Initial-State ...
... transfer aborted). If it is an FTAM Initiator, then the gateway will
send an F-P-ABORT with a <Diagnostic> value with identifier 1011
...
... Gateway receives <State Result> of "Success" .
2. Gateway sends 230 reply code (User Logged In) to FTP
...
... document types supported by the FTP-FTAM gateway is a
subset of the document types identified in the Stable Implementation
...
... With reference to the FTP-FTAM gateway, several of the most blatant
losses of functionality are:
...
... FTP.
The primary goal of the gateway protocol mappings are to minimize
this loss of functionality. As this gateway specification and
...
... The primary goal of the gateway protocol mappings are to minimize
this loss of functionality. As this gateway specification and
subsequent implementations evolve, means to partially overcome loss
of functionality may become more obvious. For example, the gateway ...
... gateway specification and
subsequent implementations evolve, means to partially overcome loss
of functionality may become more obvious. For example, the gateway
may be able to emulate file record transfers between FTAM Initiators ...
... the loss of functionality between the two protocols. The specific
approach taken to implement the mappings is left to the discretion of
the gateway implementor. The focus of the protocol function and
representation mappings is on non-error encumbered processing. The
...
... understood by the FTP Server side of the gateway.
6. Send this returned information from the FTP ...
... The remainder of this section presents detailed mapping procedures
for each of the FTP protocol functions. Gateway support for these
mappings is required.
...
...
1. If no <string> argument is provided, send helpful
information about the implementation of the gateway to the
FTP Client ...
... received from FTAM Responder, then gateway should parse
list to strip off directory portion.
...
... data connection should be in ASCII.
e. Gateway should parse full directory/file specifications
received from FTAM Responder ...
... destination address was specified in the Domain Name
used to attach to the gateway, use it to set the value of
the <Called Presentation Address> parameter of the
...
... destination address: 1) Domain Name used in connecting to
gateway (see section 4, Use of Gateway Services); 2) SITE
...
... Domain Name used in connecting to
gateway (see section 4, Use of Gateway Services); 2) SITE
command argument; and 3) user@host ...
... FTAM service primitive is followed by those parameters that are
relevant to the mapping. Gateway support for these mappings is
required.
...
... Distinguished Name (or User Friendly Name) used to attach
to the gateway, save it as the ultimate destination
address.
4. If the ultimate destination address ...
... destination address: 1) Distinguished Name, or User
Friendly Name, used in connecting to the gateway (see
section 4, Use of Gateway Services ...
... Friendly Name, used in connecting to the gateway (see
section 4, Use of Gateway Services); 2) user@host format;
...
... processing. Though appropriate responses are designated in many
cases, it is intended that a more thorough use of responses will be
incorporated into gateway implementations.
The purpose of this section is to provide a set of mappings between
...
... reply codes and
their equivalent FTAM action and diagnostic parameters. Gateway
support for these mappings is recommended, but not required. The
following abbreviations are used for FTAM ...
... parameters and their equivalent FTP reply codes. Gateway support for
these mappings is recommended, but not required. As previously
mentioned, type 0 is an informative error type ...
... destination address in the FTAM-Initiated
gateway service [NIST86]. If this happens, the destination address ...
... portion of the <Initiator Identity>. Currently, the FTP-FTAM gateway
specification permits either mechanism for storage of the ultimate
destination address.
...
... control connection, Logged
out if appropriate". While this minimal solution is acceptable, the
recommended approach for Gateway developers is to implement the
mappings presented in Section 9.1, FTP Reply Codes ...
... characteristics and functions of an FTP-FTAM gateway. The specific
approach taken to realize these specifications in an operational
gateway ...
... gateway. The specific
approach taken to realize these specifications in an operational
gateway are left to the discretion of the implementor. We do take
the liberty, however, of suggesting several ideas concerning the
...
... implementor. We do take
the liberty, however, of suggesting several ideas concerning the
configuration and implementation of such gateways.
...
...
The gateway should be robust enough to handle situations where a
subset of the FTP and/or FTAM ...
...
These are requirements for gateway implementations.
...
...
It is recommended that the FTP-Initiated gateway process listen on
TCP/IP port 21, the well-known port ...
... FTP listener processes. As
the gateway computer is primarily intended to provide gateway
services ...
... listener processes. As
the gateway computer is primarily intended to provide gateway
services, use of this port ...
... services, use of this port will alleviate the need for gateway users
to specify the desired port when they connect to the gateway ...
... gateway users
to specify the desired port when they connect to the gateway. The
standard FTP server listener ...
...
To simplify the administrative overhead on the gateway computer
system, it is recommended that the FTP-Initiated service ...
... service and FTAM-
Initiated gateway listener processes be merged into a single
executable module. This single daemon will act as the one and only
...
... listener processes be merged into a single
executable module. This single daemon will act as the one and only
gateway listener processes. As connections were established with
...
... To assist in the development and evaluation of FTP-FTAM gateway
prototypes, NIST has developed a test system to evaluate a gateway ...
... gateway
prototypes, NIST has developed a test system to evaluate a gateway's
conformance to the protocol standards [NIST88].
...
... To avoid unnecessary complexity, proprietary file systems are not
addressed in these mappings. Gateway support for POSIX file naming
and organization conventions is required; i.e., files are assumed to
...
... authentication on the
destination system. However, the gateway must accommodate the
passing through of all authentication parameters. The authentication ...
... destination and no
additional parameters are needed for authentication at the gateway.
As such, no gateway password ...
... authentication at the gateway.
As such, no gateway password file is required to support gateway
...
... access control situations, such as logging onto
remote hosts or gateways. Detailed specifications for Pre-MSP, used
in the unclassified though sensitive arena, are scheduled to be
published in the first quarter of 1993. The requirement ...
... in the unclassified though sensitive arena, are scheduled to be
published in the first quarter of 1993. The requirement for gateways
to process PMSP and MSP strong authentication mechanisms will be part
...
... Mindel, J., "FTP Gateway User's Guide", Open Networks, Inc. (formerly NetWorks One), 28 February 1990. ...
... A Test System for Implementations of FTAM/FTP Gateways: Final Report Part 1, National Institute of Standards and Technology, U.S. Chamber of Commerce, October 1988. ...