From csulb.edu!library.ucla.edu!agate!spool.mu.edu!mnemosyne.cs.du.edu!nyx10.cs.du.edu!not-for-mail Fri Oct  7 17:45:38 1994
Path: csulb.edu!library.ucla.edu!agate!spool.mu.edu!mnemosyne.cs.du.edu!nyx10.cs.du.edu!not-for-mail
From: esasaki@nyx10.cs.du.edu (Eric Sasaki)
Newsgroups: alt.comp.fsp
Subject: REPOST: alt.comp.fsp FAQ (part 2/2)
Date: 30 Sep 1994 22:52:31 -0600
Organization: University of Denver, Math/CS Dept.
Lines: 234
Message-ID: <36ipuf$22v@nyx10.cs.du.edu>
NNTP-Posting-Host: nyx10.cs.du.edu
X-Newsreader: NN version 6.5.0 #3 (NOV)


Last-modified: 1994/06/07

---------------------------------------------------------------------------

Section 3: Technical Issues

  Q.3.1 What are the main differences between FSP and FTP?
        How does FSP work?

        From the user's point of view, the differences are not that
        great, except that some of the more annoying features of FTP
        are gone.  Here are the main differences.

             a. The protocol can stand things going down: if the
                server or the network falls over in the middle of a
                transfer, you can just wait until it comes back up.
                You don't have to reconnect, and even better, if the
                server went down 90% through grabbing a file, you can
                continue from where you left off.

             b. The protocol doesn't need a username or password.
                You just throw packets at the server.  You don't have
                to identify yourself (though you're not completely
                anonymous -- see below).

             c. It's harder to kill off a site with an FSP server
                than with an FTP server.  The FSP daemon is designed to
                be as lightweight as possible:  it doesn't fork off any
                sub-processes, and it takes steps to limit the amount
                of traffic it handles.

             d. The user interface is completely different.  The
                interface that comes with the package consists of
                eleven commands that you can call from the shell.  In
                effect, your shell is providing all the nice functions
                like command line editing.  This makes the interface
                much more versatile than FTP's.  (See below for how to
                get an FTP-like interface, though).

             e. FSP is a bit slower than FTP.  This is a feature,
                not a bug.  The point is to keep the communication
                lightweight, and not to flood the net.

        From the programmer's point of view, fsp is a complete rewrite.

             a. Instead of TCP sockets, it uses datagrams to
                communicate, so that the connection doesn't break on a
                flaky line.

             b. FTP works by opening a port, and then asking the
                server to send a file to it.  FSP uses the same port
                all the time for communication, and asks for segments
                of a file.  So you can start off a transfer half way
                through a file, if you really want to.

             c. The server tries to make sure you don't ask for
                packets too quickly.  Each packet it sends out has a
                random identification number, which the client must
                return on the next request.  (If the client loses the
                number, it must wait a few seconds before the server
                accepts another packet from it).  Therefore, the client
                has to wait for an answer to each request before it
                sends out the next one.


  Q.3.2 How secure/anonymous is FSP?

        By default, the FSP daemon keeps logs of transactions, along
        with their site names.  An FSP administrator could use this to
        find out who you are, with a reasonable degree of certainty.

        In short, FSP gives you no more privacy than anonymous FTP.
        Anyone who tells you different has a less devious mind than most
        FSP admins I know.

        Why not make FSP more anonymous?  Well, it's impossible to make
        a protocol with complete anonymity, since at some point, the
        remote site will have to send a file back to you, and it needs
        at least an address to send it to.

        If you really need privacy, you can encrypt any files you make
        available, and only give out the decryption password to a select
        few.  But of course, you have to trust them to keep the password
        safe.


  Q.3.3 Why not add passwords to FSP?

        (Thanks to Joseph Traub for the material for this section)

        1. They don't add much security.  If you use one password for
           the whole site, then you might just as well set up the site
           and only tell a few people its port number.  That's no more
           or less secure than using a password.  Besides, it's easier
           just to set up the server only to respond to certain hosts.

        2. Any other password system is likely to be a big lose on
           efficiency, since you'll have to check every single packet.

        3. The main use of server passwords appears to be so that people
           can move pirated software around, and the authors don't want
           to add code to support that.

        To quote Joseph Traub, the ex-FSP maintainer:

                If you really want to do passworded file transfer, grab
                a copy of the ftpd source code (which is also on my
                server) and modify it to a) use a higher port number
                (Yes virginia, you CAN specify port numbers to most ftp
                clients) and b) to read a file other than /etc/password
                to look up user information.

                This capability does NOT belong in FSP because it gets
                away from the concept of lightweight simple file
                transfers.


  Q.3.4 So what *does* FSP stand for?

        As of 12th August 1993, FSP stands for `File Service Protocol'.
        Thanks to mg@ac.duke.edu (Michael Grubb) for the words, and
        Wen-King for the initials.

        Other suggestions were:

                File Slurping Protocol
                Flaky Stream Protocol
                FTP's Sexier Partner


---------------------------------------------------------------------------

Section 4: Who's Who?

  Q.4.1 Who writes and maintains FSP software?

        Wen-King Su (wen-king@cs.caltech.edu) wrote the original Unix
        version (versions 1.0 to 2.6.4).

        Joseph Traub (was jtraub@cs.cmu.edu) was maintainer from Dec
        1992 to July 1993 (versions 2.6.5 to 2.7.1).

        The next maintainers were Phil Richards (pgr@sst.icl.co.uk)
        and Pete Bevin (pete@sst.icl.co.uk) from July 1993 to March 1994.
        Phil is also the maintainer of fspclient, an FTP-like interface
        for FSP.

        The current maintainer (as of March 1994) is Andy Doherty
        <A.J.Doherty@reading.ac.uk>, who also maintains the alt.comp.fsp
        FAQ and wrote and maintains FSPtool an X-Windows GUI FSP Client.

        Sven Pechler (S.A.Pechler@bdk.tue.nl) wrote and maintains a VMS
        version.  OS/2 is handled by Larkin Lowrey (llowrey@ucsd.edu),
        and Lindsey Smith, of the MS-DOS rewrite is lsmith@symantec.com


  Q.4.2 Who writes and maintains FSP Client Software?

        Jim Browne (jbrowne@uiuc.edu) is writing the (soon to be released?)
        Macintosh client. See section (2.2.3)

        Andy Doherty (A.J.Doherty@uk.ac.reading) wrote and maintains
        FSPtool an X-Windows based Unix client. Also the FAQ maintainer.

        Ian Heath (ih@ecs.soton.ac.uk) wrote 'winfsp' a MS-Windows based
        client.

        Nicolai Langfeldt's (janl@ifi.uio.no) wrote and maintains 'fspcli'
        a Perl based client.

        Ove Ruben R Olsen (Ruben@uib.no) wrote and maintains 'fspsh',
        another Perl based client.

        Phil Richards' (pgr@sst.icl.co.uk) wrote and maintains
        'fspclient'.


  Q.4.3 Who helped put this FAQ together?

        The following people have contributed to the FAQ.  Thanks very
        much to all of them.

        Pete Bevin <pete@sst.icl.co.uk>
        Tony Brannigan <tbrann@ox.ac.uk>
        Jim Browne <jbrowne@uiuc.edu>
        Dan Charrois <charro@ee.ualberta.ca>
        Maurizio Codogno <mau@beatles.cselt.stet.it>
        David DeSimone <fox@netcom.com>
        Ian Dickinson <vato@violet.csv.warwick.ac.uk>
        Andy Doherty <A.J.Doherty@reading.ac.uk>
        Ian Heath <ih@ecs.soton.ac.uk>
        Larkin Lowrey <llowrey@ucsd.edu>
        Jan Nicolai Langfeldt <janl@ifi.uio.no>
        Ove Ruben R Olsen <buboo@uib.no>
        Jerome Pier <jp@edu.unl.unlinfo>
        Lutz Prechelt <prechelt@ira.uka.de>
        Phil Richards <pgr@sst.icl.co.uk>
        Lindsey Smith <lsmith@symantec.com>
        Wen-King Su <wen-king@cs.caltech.edu>
        Joseph Traub <jtraub@cs.cmu.edu>

---------------------------------------------------------------------------

Section 5: Site Information

  Q.5.1 What FSPable sites exist ?

        The following is a small list of the some sites sites which are
        available through the FSP protocol. This list should be reasonably
        up to date but comes with no warranty ;-) It is in the unofficial
        "taxus" format. ftp.germany.eu.net is the official home for FSP
        software distributions, most packages can be found there.

        genie.lut.ac.uk        21   genie    / # small UK site
        ftp.germany.eu.net     2001 germany  / # big German archive (FSP)
        fsp.luth.se            6969 luth     / # Top of Europe
        mosaic.cs.caltech.edu  21   mosaic   / # BSD386/Usenet
        sunsite.doc.ic.ac.uk   21   src      / # big UK site, lots of mirrors
        terra.stack.urc.tue.nl 21   terra    / # big Netherlands site
        ftp.bilkent.edu.tr     21   bilkent  / # uni. of Bilkent, Turkey
        garfield.catt.ncsu.edu 21   Garfield / # garfield site
        ftp.wustl.edu          21   wu       / # lots of mirrors ...

        For more site information see section 2 (Q.2.3)

---------------------------------------------------------------------------


-- 
Eric Sasaki - IBM Co-op || esasaki@nyx10.cs.du.edu / gt7294b@prism.gatech.edu
Georgia Tech INTA major || http://nyx10.cs.du.edu:8001/~esasaki/home.html
"More than an end to war, we want an end to the beginnings of all wars."
                                                     -- Franklin D. Roosevelt

