Network Working Group                                        F. da Cruz
Request for Comments: 2839                                    J. Altman
Category: Informational                             Columbia University
                                                               May 2000

                        Internet Kermit Service

Status of this Memo

   This memo provides information for the Internet community. It does
   not specify an Internet standard of any kind. Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2000). All Rights Reserved.

ABSTRACT

   This document describes a new file transfer service for the Internet
   based on Telnet Protocol for option negotiation and Kermit Protocol
   for file transfer and management. The Internet Kermit Service
   provides access to both authenticated and anonymous users. The use
   of Kermit protocol over a Telnet connection provides several
   advantages over FTP, including easy traversal of firewalls, transfers
   over multiple transports, and security via a combination of supported
   Telnet authentication and encryption option negotiations, plus
   significant functional benefits.

   While this document describes a new service for the Internet, the
   clients for this service already exist on most platforms in the form
   of Telnet clients that support the Kermit file transfer protocol.
   These clients are available not only from Columbia University's
   Kermit Project but also numerous third parties.

TABLE OF CONTENTS

   1. INTRODUCTION
   2. BACKGROUND
   2.1. History
   2.2. Motivation
   3. THE INTERNET KERMIT SERVICE MODEL
   3.1. Server-Side Kermit Server
   3.2. Client-Side Kermit Server
   3.3. Loosely Coupled Operation
   4. SECURITY CONSIDERATIONS
   4.1. AUTHENTICATION
   4.1.1. Telnet Authentication
   4.1.2. Telnet over TLS option
   4.1.3. Plaintext Authentication via Kermit REMOTE LOGIN
   4.1.4. Plaintext Authentication via Command Prompt
   4.1.5. Anonymous Login
   4.2. ENCRYPTION (PRIVACY)
   4.2.1 Telnet Encryption
   4.2.2 Telnet Start_TLS
   5. SERVICES
   5.1. Features for System Administrators
   5.2. Features for Users
   5.3. User Interface
   6. REFERENCES
   7. AUTHORS' ADDRESSES
   8. Full Copyright Statement

PREFACE

   This document describes an Internet Kermit Service (IKS) which
   provides an alternative to FTP for the transfer of files. This
   service is based upon both the TELNET protocol and the Kermit file
   transfer protocol.

1. INTRODUCTION

   The Internet Kermit Service:

   1. Provides direct access to Kermit file transfer and management
      services without requiring the user to first login to a shell
      account;

   2. Provides Kermit file transfer and management services to
      anonymous users;

   3. Provides services to all Telnet clients that support Kermit file
      transfer protocol via a simple, predictable, scriptable, and
      well-documented textual interface;

   4. Provides direct and tightly-coupled access to a Kermit server
      when requested via the Telnet Kermit Option [TKO].

   This memo assumes knowledge of Transmission Control Protocol, the
   Telnet Protocol [TEL], the Kermit File Transfer Protocol [KER,PRF],
   Telnet Kermit Option [TKO], and the commands and features of Kermit
   software [CKB,CMG,K95].

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [BCP].

   Definitions:

   Kermit server
      A software program that is ready to accept and act upon commands
      in the form of well-defined Kermit packets [KER].

   Kermit client
      A software program that receives requests through its user
      interface from a human user (or a script or other source) and
      translates them to command packets, which it sends to a Kermit
      server, thus initiating a Kermit protocol transaction such as the
      transfer of one or more files.

2. BACKGROUND

2.1. History

   "Kermit" is the name of an extensible platform- and
   medium-independent file transfer and management protocol [KER,PRF]
   and of a suite of communications software programs that implement it
   and integrate it with other communications functions [CMG,CKB,K95].

   The Kermit protocol was first developed at Columbia University in New
   York City in 1981 for transferring files without errors between
   diverse types of computers over potentially hostile communication
   links. Since 1981, the Kermit Project at Columbia University has
   expanded the protocol, developed communications software that
   implements it upon key platforms, and worked with volunteer
   programmers at other sites adapting Kermit protocol to other
   platforms or communication methods.

   The Kermit Project also serves as the central point of Kermit
   software development, support, information, and distribution
   throughout the world. Kermit software is now available for nearly
   every computer and operating system in existence.

   The major features of the most popular Kermit programs are:

   - Connection establishment and maintenance for a variety of
     connection methods including direct serial, dialup, TCP/IP, X.25,
     DECnet, and NETBIOS.

   - Terminal emulation.

   - Error-free transfer of both text and binary files, individually or
     in groups.

   - Character-set translation during both terminal emulation and
     text-mode file transfer -- a unique feature of Kermit software.

   - Remote file management through the client/server protocol.

   - A powerful and portable scripting language allowing complete
     automation of any task that can be performed manually.

   Kermit's command and script language is consistent across all
   platforms and communication methods, thus offering a unified method
   for accomplishing a wide range of communication tasks manually or
   under script control.

   A single Kermit program combines the functions of many different
   programs such as uucp, cu, tip, telnet, rlogin, ftp, iconv, and
   expect: it is a Telnet and Rlogin client that can also transfer
   files; it is a file transfer program that can also convert character
   sets; it is a dialout program that can use dialing directories and
   understands country codes and area codes; it is fully scriptable; it
   offers both client/server and interactive modes of operation. In its
   desktop versions (particularly for DOS, Windows, and OS/2) it offers
   all the features of communications software that are usually lacking
   from Internet client software (key mapping, colors, scrollback, mouse
   functions, printer control, etc).

   Kermit software is widely used throughout the academic, government,
   and corporate spheres, both in the USA and internationally.

   In addition to the Kermit software developed and/or distributed by
   the Kermit Project at Columbia University, hundreds of other software
   products -- commercial, shareware, and freeware -- also include some
   level of support for the Kermit protocol. Thus there are hundreds,
   perhaps thousands, of independent and interoperable Kermit protocol
   implementations based upon the open Kermit protocol specification
   [KER].

   The Internet has formed the primary mechanism by which users and
   developers of Kermit software have collaborated to produce feature
   and command sets that continually evolve to meet their needs as
   technology changes.

2.2. Motivation

   Kermit protocol and software makes connections from one computer to
   another and transfers data between them. Countless people "live" in
   Kermit all day long; as a customizable Telnet or Rlogin (or serial
   communication) client with a wide selection of terminal emulations
   and convenience features, it is their window onto the Internet.

   Others use it in more creative ways, including some that involve key
   parts of the Internet, e.g. in batch or cron jobs that update news or
   Web servers or fetch email, or to monitor routers, terminal servers,
   and hubs and dial pagers when faults are detected. It is used by
   vendors of telecommunications equipment for remote diagnosis,
   patching, and updates. Telecom managers often use Kermit scripts to
   configure PBXs, muxes, routers, or terminal servers.

   In the world of commerce, Kermit is widely used for financial
   transactions, EDI, medical claim submission, and so forth. It is
   used with mobile barcode readers in warehousing and inventory
   applications. It is found in US Postal Service sorting and scanning
   equipment. It connects many of the logistics and supply systems
   throughout the military. It is found in fast-food restaurant cash
   registers, milling and die-cutting machines, textile looms and
   cutters, printing presses, and medical diagnostic equipment. It was
   the communications backbone of the 1994 Brazilian national election
   -- the largest in history.

   And yet there has never been a strong, explicit connection of Kermit
   with the Internet. In the early years, Kermit acted as a kind of
   do-it-yourself network, enabling ordinary users to make connections
   that were not already there, and for some years was the predominant
   method of connecting a personal computer to the ARPAnet (e.g. by
   dialing a TAC).

   Nowadays, however, with so many of the world's computers on the
   Internet, the role of Kermit software and protocol is changing.
   Kermit users on the network would like to have the features,
   functions, and interface they are accustomed to -- especially the
   automation features -- available for use in settings where presently
   only tools like FTP are available -- and even more so in situations
   where standard software like FTP can't be used.

   An Internet Kermit Service can fill this role, and augment the data
   transfer power and flexibility of other Internet applications such as
   Web browsers:

   - Like FTP, Kermit provides a service that can be accessed from many
     different platforms with a consistent set of commands, but unlike
     FTP, these commands include programming constructions such as
     variables, arrays, looping and selection mechanisms, and local and
     remote procedure calls.

   - Like FTP, Kermit provides both text- and binary-mode data
     transfer, as well as file management capabilities. But Kermit
     also offers numerous features lacking from FTP, such as
     character-set translation, flexible file selection mechanisms,
     attribute preservation, and so on (see Section 5.3 for a longer
     list).

   - Unlike standard FTP, Kermit can transfer data through multiple
     firewalls, proxies, and network address translators (NATs) on a
     single port.

   - Unlike FTP, Kermit can transfer data across a combination of
     transports (e.g. dial-up to a terminal server and thence to an
     Internet host).

   - Authentication and data transfer can take place over secure
     connections (mutually authenticated and encrypted) using
     established Telnet authentication and encryption options.

   - Unlike traditional Kermit use over Telnet, anonymous access is
     possible, and the considerable overhead of the intervening Telnet
     server and pseudoterminal service is eliminated.

   Until now the primary obstacles to an Internet Kermit Service have
   been:

   - Issues of authentication, privacy, and anonymous access. These
     have been addressed in our implementation, as described in
     Section 4 of this document.

   - Issues of coordination and control. A Kermit software program can
     be in any of several "modes": at its command prompt or menu,
     awaiting commands from the user; in terminal mode, in which the
     user's keystrokes are sent to the remote computer or service; or
     in protocol mode, in which two Kermit programs communicate via
     well-defined Kermit packets [KER]. Commands or operations valid
     in one mode do not necessarily work in another. Until now, it has
     been the user's responsibility to switch modes at one or both ends
     of the connection as needed.

     A companion document [TKO] to this one specifies a mechanism to
     closely couple the client and server via Telnet protocol
     negotiations, allowing each to know the other's state and to
     switch to the appropriate mode automatically so a valid and useful
     relationship obtains at all times.

   - Lack of a standard TCP port. The "registered" port 1649 was
     assigned by IANA for this purpose (27 September 1995) and is named
     "Kermit". (renamed from "Inspect".)

3. THE INTERNET KERMIT SERVICE MODEL

   The Internet Kermit Service (IKS) uses a standard Telnet [TEL]
   connection, in which all Telnet rules apply. Unlike FTP, which
   requires additional TCP connections, IKS uses a single channel for
   both signaling and data transfer. The connection is multiplexed via
   (a) Telnet options, and (b) Kermit protocol messages. This allows
   existing Telnet clients that also support the Kermit protocol,
   whether or not they support the Telnet Kermit Option [TKO], to use
   the IKS and take advantage of all relevant Telnet options including
   authentication and encryption.

   The system Internet services daemon (e.g. inetd) waits for a
   connection on the Kermit socket (1649) and then starts the IKS on the
   new connection. The IKS performs the familiar Telnet negotiations
   including the Telnet Kermit option.

   Unlike a standard Telnet server, the IKS does not support the ability
   to present the user with an interactive system shell. The Kermit
   socket is used only for file transfer and management functions
   provided by Kermit file transfer protocol and the Kermit script
   language.

   Once the connection is established, the Telnet Kermit Option is
   negotiated in both directions. The results determine which of the
   following configurations is used by the Telnet client and Server:

   . Server-side Kermit Server (SKS)
   . Client-side Kermit Server (CKS)
   . No Kermit Server (NKS)

   Different procedures and functions apply to each configuration. The
   configuration may be changed at any time by Telnet Kermit Option
   subnegotiations, which assure that the Telnet client and server are
   always in compatible states.
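
   The single-channel multiplexing described in Section 3, as an added
   example that is not part of RFC 2839 or of any Kermit Project code:
   a Python routine that separates Telnet commands from in-band data in
   one direction of a captured port-1649 connection, then frames the
   Kermit packets found in that data. Option code 47 comes from [TKO]
   and the packet layout from [KER]; type-1 block checks and the sample
   bytes are assumptions made for the example.

```python
IAC, SB, SE, SOH = 255, 250, 240, 1
VERBS = {251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}
TELOPT_KERMIT = 47  # Telnet Kermit Option code, taken from RFC 2840 [TKO]

def demux(stream):
    """Return (telnet_commands, data); IAC IAC in data becomes one 0xFF."""
    cmds, data, i, n = [], bytearray(), 0, len(stream)
    while i < n:
        nxt = stream[i + 1] if i + 1 < n else None
        if stream[i] != IAC:
            data.append(stream[i])
            i += 1
        elif nxt is None or (nxt in VERBS and i + 2 >= n):
            break                          # capture ends mid-command
        elif nxt == IAC:
            data.append(IAC)               # escaped 0xFF data byte
            i += 2
        elif nxt in VERBS:
            cmds.append((VERBS[nxt], stream[i + 2]))
            i += 3
        elif nxt == SB:
            j, body = i + 2, bytearray()
            while j + 1 < n and stream[j:j + 2] != bytes([IAC, SE]):
                body.append(stream[j])
                j += 2 if stream[j:j + 2] == bytes([IAC, IAC]) else 1
            if j + 1 >= n:
                break                      # unterminated subnegotiation
            cmds.append(("SB", bytes(body)))
            i = j + 2
        else:
            cmds.append(("CMD", nxt))      # two-byte command such as NOP
            i += 2
    return cmds, bytes(data)

def kermit_packets(data):
    """List (type, seq, check_ok) per SOH-framed packet; assumes type-1 checks."""
    out, i = [], data.find(SOH)
    while 0 <= i < len(data) - 1:
        length = data[i + 1] - 32          # unchar(LEN): bytes following LEN
        pkt = data[i + 1:i + 2 + length]   # LEN SEQ TYPE [DATA] CHECK
        if length >= 3 and len(pkt) == length + 1:
            s = sum(pkt[:-1])
            out.append((chr(pkt[2]), pkt[1] - 32,
                        pkt[-1] - 32 == (s + ((s & 192) >> 6)) & 63))
        i = data.find(SOH, i + 1)
    return out

# Constructed capture: WILL/DO KERMIT, one SB (body not interpreted), a NAK.
SAMPLE = bytes([IAC, 251, TELOPT_KERMIT, IAC, 253, TELOPT_KERMIT,
                IAC, SB, TELOPT_KERMIT, 0, IAC, SE]) + b"\x01# N3\r"
```

   Extended-length packets and block-check types other than type 1 are
   skipped or reported with check_ok false; a monitor that needs them
   has to track the parameters the two Kermit programs negotiate.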