Un-muddling "free file transfer"




Network Working Group                                          K. Pogran
Request for Comments: 501                                    MIT-Multics
NIC: 15718                                                   11 May 1973


                    Un-Muddling "Free File Transfer"

   As the ARPA Network begins to mature, we find ourselves addressing
   issues and concepts deliberately put off and left untouched at
   earlier stages of Network development.  Among the issues now coming
   to the fore are access control, user authentication, and accounting.
   These issues arise immediately out of efforts to develop uniform
   methods for providing limited "free" access to the File Transfer
   Servers of the host systems, to meet user needs for mail transmission
   and similar services.

   Several proposals have been made, described by such phrases as
   "login-less mail", "'free' accounts", "free file transfer", etc.
   These proposals inevitably have imbedded in them some particular
   notion of how such things as access control and user authentication
   are accomplished, and these proposals, which knowingly or unknowingly
   make presumptions about the implementation of such mechanisms,
   inevitably meet with strong criticism from implementors whose
   systems' mechanisms are quite different.

   In RFC 467, Bob Bressler proposes ways of helping out users who wish
   to transfer files to or from "systems which have some flavor of
   security, but on which the user has no access privileges".
   Unfortunately, beginning with the first paragraph of the RFC, the
   notions of access controls on files (examples of protection
   mechanisms), and control of access to the system (user
   authentication) are thoroughly muddled.  In addition, he makes
   sweeping assumptions about the nature and use of accounting
   mechanisms and accounts at server sites.  RFC 487 also has buried
   deep within it assumptions about the nature of the access control and
   user authentication aspects of File Transfer Server implementations.

   What's needed at this juncture, of course, is a lucid discussion of
   the general concepts involved in protection mechanisms, and file
   system access controls in particular.  Well, you won't find that in
   the remainder of this RFC.  What you will find is perhaps enough of a
   discussion to un-muddle that which RFC 487 has muddled; the rest will
   have to come down the pike at a later time.

   In many systems, mechanisms which control access to the system,
   mechanisms which control access to files, and accounting mechanisms
   all mesh at the moment at which a prospective user of the system is
   authenticated: the system has checked his user-name, password,



Pogran