J. L. Mindel
R. L. Slaski
Open Networks, Inc. (formerly NetWorks One)
June 1991

FTP-FTAM Gateway Specification

1. Status of the Memo

This memo describes a dual protocol stack application layer gateway that performs protocol translation, in an interactive environment, between the FTP and FTAM file transfer protocols.

This specification has been submitted to the Internet community to ensure the widest possible distribution on the Internet. Only through additional implementations and fieldings will the FTP-FTAM gateway reach its optimal capacity as a resource during the anticipated long term coexistence of the TCP/IP and OSI protocol suites.

Proprietary file systems are not addressed. POSIX file naming conventions are assumed.

2. Acknowledgments

The authors of this Internet Draft would like to express their appreciation to the individuals and organizations that participated in the implementation of the FTP-FTAM Application Layer Gateway and its fielding on the MILNET. Implementation credits go to Mr. John Scott, formerly of the MITRE Corporation, while fielding credits are extended to J. M. Graham and R. G. Lavender of Open Networks, Inc. (formerly NetWorks One) and R. Cooney of the Navy Regional Data Automation Center in Washington. Dr. Marshall Rose is to be commended for recognizing the importance of the FTP-FTAM gateway and promulgating it as a part of the ISO Development Environment (ISODE).

2.1 Table of Contents

1. Status of the Memo
2. Acknowledgements
   2.1 Table of Contents
3. Introduction
   3.1 Overview of Gateway Operation
   3.2 User Interaction
      3.2.1 FTP-to-FTAM File Transfers
      3.2.2 FTAM-to-FTP File Transfers
      3.2.3 Summary of User Interaction Requirements
4. Gateway Architecture
5. Naming and Addressing
   5.1 FTP to FTAM File Transfers
      5.1.1 FTP Client Responsibility
      5.1.2 Gateway Responsibility
   5.2 FTAM to FTP File Transfers
      5.2.1 FTAM Initiator Responsibility
      5.2.2 Gateway Responsibility
6. Security Considerations
7. Functional Comparison of FTP and FTAM
   7.1 Loss of Functionality
8. Protocol Function and Representation Mappings
   8.1 FTP-to-FTAM Function and Representation Mappings
   8.2 FTAM-to-FTP Function and Representation Mappings
9. Mapping between FTP Reply Codes and FTAM Parameters
   9.1 Mapping of FTP Reply Codes to FTAM Parameters
   9.3. Mapping Problems
   9.4. Error Handling
10. Implementation and Configuration Guidelines
   10.1 Robustness
   10.2 Well-Known TCP/IP Port
   10.3 Gateway Listener Processes
   10.4 Implementation Testing
11. References
12. Authors' Addresses
Appendix
   A.1 DN Alias Configuration File
   A.2 Transparent Gateway Service

3. Introduction

The TCP/IP and OSI protocol suites will coexist in the Internet community for several years to come. As more and more OSI hosts are fielded on the Internet, the requirement for gateways between the two protocol suites becomes more pressing. This specification describes an application layer gateway providing interoperability between the TCP/IP File Transfer Protocol (FTP) and the OSI File Transfer, Access, and Management (FTAM) protocol.

The proposed application layer gateway is based on a set of mappings between the FTP and FTAM protocols. The gateway is comprised of a dual set of mappings: FTP to FTAM, and FTAM to FTP. Since the protocols have quite different command structures, the mappings between them are not one-to-one. Two important goals of the mappings are:

1. to provide FTP users with as much emulated FTP capability on an FTAM Responder as possible, and
2. to provide FTAM users with as much emulated FTAM capability on an FTP Server as possible.

Though it is anticipated that the application layer gateway will be implemented on full protocol suites of both TCP/IP and OSI, at least one implementation of such a gateway (included in the ISO Development Environment) can be configured to operate over either OSI or TCP/IP lower-layer services.

Ideas presented in this specification are based on lessons learned in fielding the gateway on the MILNET and on the efforts of M.A. Wallace et al. of the National Institute of Standards and Technology (NIST) [NIST86]. In 1986, NIST published a design document for an FTP-FTAM gateway. Since that time, at least one implementation (for a subset of the FTP and FTAM protocols) of the gateway has been developed [MITRE87]. This implementation is based on the NIST protocol translator gateway design [NIST86].

This document's contribution to the advancement of the FTP-FTAM gateway concept is:

* To enhance the user interaction capability provided by the ISODE implementation of the FTP-FTAM application layer gateway.
* To clarify and enhance the FTP-to-FTAM and FTAM-to-FTP mappings documented by NIST.
* To provide guidelines for fielding the FTP-FTAM application layer gateway on the Internet so that it is useful as an Internet resource.
* To produce a formal specification for the FTP-FTAM gateway suitable for implementors to use in building additional FTP-FTAM gateways.
* To provide a formal specification for organizations wishing to procure FTP-FTAM gateways.

This paper assumes knowledge of the File Transfer Protocol (FTP) [RFC959] and the File Transfer, Access, and Management Protocol (FTAM) [ISO8571-1,2,3,4].

3.1 Overview of Gateway Operation

The gateway provides a virtual end-to-end application file transfer service. As data is sent via FTP, the gateway immediately maps the requested function to FTAM and passes it to the FTAM host. In a similar fashion, but using a different set of mappings, an FTAM request is sent to the gateway, immediately mapped to an FTP function, and passed along to the FTP host.

In FTP, the two parties involved in a file transfer are the Client and Server. The Client is responsible for initiating a connection to the Server. Once the connection is established, all service requests originate from the Client. The FTP-FTAM gateway does not support the FTP three node model.

In FTAM, the two parties involved in a file transfer are the Initiator and Responder. The Initiator is responsible for initiating a connection to the Responder. Once the connection is established, either the Initiator or Responder may issue service requests to the other.

The FTP-FTAM gateway consists of two parts, a service for FTP-to-FTAM transfers and that for FTAM-to-FTP transfers. Each service, in turn, plays two roles during a file transfer. The FTP-to-FTAM service plays the role of FTP Server and FTAM Initiator, while the FTAM-to-FTP service plays the role of FTAM Responder and FTP Client. Figure 1 illustrates the perspective of the application process during an FTP-to-FTAM file transfer. Figure 2 illustrates that of an FTAM-to-FTP file transfer.

      TCP Host                                 OSI Host
  +--------------+                       +------------------+
  |  FTP Client  |                       |  FTAM Responder  |
  +--------------+                       +------------------+
         |                                        |
         |                                        |
         |                                        |
         |            FTP-FTAM Gateway            |
         |   +--------------------------------+   |
         +-- |  FTP Server    FTAM Initiator  | --+
             +--------------------------------+

            Figure 1 - FTP to FTAM File Transfer

      TCP Host                                 OSI Host
  +--------------+                       +------------------+
  |  FTP Server  |                       |  FTAM Initiator  |
  +--------------+                       +------------------+
         |                                        |
         |                                        |
         |                                        |
         |                                        |
         |            FTP-FTAM Gateway            |
         |   +--------------------------------+   |
         +-- |  FTP Client    FTAM Responder  | --+
             +--------------------------------+

            Figure 2 - FTAM to FTP File Transfer

3.2 User Interaction

To initiate an FTP-to-FTAM file transfer from an FTP Client, the Client connects to the FTP-FTAM gateway via TCP/IP. The gateway then establishes a connection, via OSI, to the FTAM Responder. At this point, the user can initiate file transfer operations.

Similarly, to initiate an FTAM-to-FTP file transfer from an FTAM Initiator, the Initiator connects to the FTP-FTAM gateway via OSI. The gateway then establishes a connection, via TCP/IP, to the FTP Server. At this point, the user can initiate file transfer operations.

For file transfers in either direction, the user must explicitly connect to the gateway prior to specifying the destination host, userid, and password.

3.2.1 FTP-to-FTAM File Transfers

The following logon example illustrates those steps a user takes when performing an FTP-to-FTAM file transfer.

   ftp> open washdc1-osigw.navy.mil
   Name (washdc1-osigw.navy.mil:ftpuser): osiuser@ftamhost
   Password (washdc1-osigw.navy.mil:osiuser@ftamhost): ******
   ftp> put local-ftp-file remotefile
   ftp>

The "open washdc1-osigw.navy.mil" command initiates the connection between the FTP Client and the gateway. The "Name (washdc1-osigw.navy.mil:ftpuser): " prompt is displayed by the gateway host. The "osiuser@ftamhost" response is entered by the user to indicate that he wants to log onto the "osiuser" userid on a host with alias "ftamhost".
Once logged onto "ftamhost", a file is transferred from the FTP host to the FTAM host. For purposes of this example, "ftamhost" is considered to be an alias for an OSI Presentation address.

An alternative mechanism for the FTP user to use in specifying the destination host is via the FTP SITE command. With reference to the above example scenario, the user would issue the "SITE ftamhost" command.

3.2.2 FTAM-to-FTP File Transfers

The following example illustrates those steps a user takes when performing an FTAM-to-FTP file transfer.

   ftam> set qualifier ftpstore
   ftam> open washdc1-osigw
   user (washdc1-osigw:ftamuser): tcpuser@ftphost
   Password (washdc1-osigw:tcpuser@ftphost): ******
   ftam> get remote-ftp-file localfile
   ftam>

The command "set qualifier ftpstore" sets the appropriate selectors (transport, session, presentation) in the OSI Presentation Address used to access the gateway. The "open washdc1-osigw" command initiates the connection between the FTAM Initiator and the gateway. The "Name (washdc1-osigw:ftamuser): " prompt is displayed by the gateway host. The "tcpuser@ftphost" response is entered by the user to indicate that he wants to log onto the "tcpuser" userid on a host with alias "ftphost". Once logged onto "ftphost", a file is transferred from the remote FTP host to the local FTAM host. For purposes of this example, "ftphost" is considered to be an alias for an IP address.

3.2.3 Summary of User Interaction Requirements

As shown in the previous two logon sequence scenarios, the gateway user does not have access to the gateway filesystem; he merely makes use of the gateway login procedure to specify the ultimate destination userid and password.

The following steps are required to utilize the gateway:

1. The user must be aware that a gateway is required to reach the destination FTP or FTAM host.
2. The user must determine which gateway is most appropriate for their respective source-destination pair.
3. The user must explicitly connect to the gateway host prior to connecting to the destination host.

Needless to say, the exchange of files between FTP and FTAM hosts requires more effort than required for the exchange of files between a pair of hosts utilizing the same file transfer protocol. A more desirable approach is to make the gateway transparent enough so that the end user:

1. Need not know that a gateway is required.
2. Need not determine which gateway is most appropriate to access their ultimate destination host.
3. Need not explicitly connect to the gateway prior to connecting to the destination FTP or FTAM host.

Appendix A.2 suggests an approach satisfying these goals.

4. Gateway Architecture

The gateway architecture, termed a protocol translator [NIST86], is depicted in Figure 3. It implements TCP/IP and OSI protocol stacks with an application level process providing the link between the two. The link between FTP and FTAM is defined by two sets of protocol mappings, one each for FTP-to-FTAM and FTAM-to-FTP.

+============+                              +=============+
|  FTP Host  |                              |  FTAM Host  |
+============+                              +=============+
      |                                            |
      |                                            |
      |                                            |
      |                                            |
      |    +=================================+     |
      |    |           FTP - FTAM            |     |
      |    |       Gateway Application       |     |
      |    |---------------------------------|     |
      |    |      FTP       |      FTAM      |     |
      |    |----------------+----------------|     |
      |    |     TCP/IP     |   TP4/et al    |     |
      |    +=================================+     |
      |           /|\               /|\            |
      |            |                 |             |
      +------------+                 +-------------+

              Figure 3 - Gateway Protocol Stack

A fundamental aspect of this gateway architecture is that data is mapped and transmitted immediately; i.e., no transferred file need ever reside on the gateway file system. In the context of this document, the term "filesystem" refers to the file access and maintenance mechanisms provided by the operating system. This lack of gateway filesystem interaction helps speed up the end-to-end data transfer.
Another speed-enhancing feature of this architecture is that both the FTP and FTAM network connections can operate simultaneously.

Additional advantages include:

1. FTP and FTAM hosts require no modification to utilize gateway services.
2. Users require no knowledge of the other protocol.
3. Gateway access control is not impaired (since users cannot directly access the gateway filesystem).
4. No additional filesystem space is required on the gateway.
5. Interactive nature of protocols is preserved.
6. Users become aware of fatal errors immediately.

Disadvantages of this design include the initial coding effort required to develop the gateway and the subsequent re-coding efforts required to keep it current.

5. Naming and Addressing

The network naming and addressing schemes used by FTP (Domain Names, IP Addresses) and FTAM (Distinguished Names, Presentation Addresses) are quite different. This issue is quite apparent when a user of one protocol needs to identify a destination host of the other protocol.

In the TCP/IP naming and addressing scheme, the identity of the FTP Server is its Domain Name in the Domain Name System (BIND distributed name service or static host table) and its IP address. To initiate a connection to an FTP Server, the FTP Client looks up a Domain Name in either a Domain Name server or static host table and obtains an IP address.

In the OSI naming and addressing scheme, the identity of the FTAM Responder service is its Distinguished Name in the OSI Directory (X.500 or static table) and its Presentation address. The Distinguished Name is an authoritative description of the service. A Presentation address consists of a Presentation selector, a session selector, a transport selector, and a network address. To initiate a connection to an FTAM Responder, the FTAM Initiator contacts the OSI Directory, presents the Distinguished Name of the desired FTAM Responder and asks for the Presentation address attribute associated with that name.

5.1 FTP to FTAM File Transfers

The FTP Client uses the FTP-FTAM gateway to utilize a service offered by an FTAM Responder. The FTP Client is responsible for providing the gateway with an authoritative Distinguished Name. It is the responsibility of the gateway to resolve this Distinguished Name to its corresponding Presentation address.

5.1.1 FTP Client Responsibility

Once connected to the gateway, the FTP Client should identify the desired FTAM Responder service via the Responder's Distinguished Name. This information can be sent via one or more SITE (or QUOTE SITE) commands, each with the following argument pair:

   = ____ ______________________________________________________

For example, suppose an FTAM Responder had the following Distinguished Name:

   CountryName = "Japan"
   Organization = "FTAM Software, Inc."
   OrganizationUnit = "Product Support"
   CommonName = "ftamhost"
   CommonName = "filestore"

In this example, an FTP user would send the following string of commands to identify the desired FTAM Responder service:

   SITE CountryName "Japan"
   SITE Organization "FTAM Software, Inc."
   SITE OrganizationUnit "Product Support"
   SITE CommonName "ftamhost"
   SITE CommonName "filestore"

An enhancement that could be added to an FTP Client implementation is to provide a built-in alias facility so that FTP users could use a less cumbersome means to identify an FTAM Responder. In this scenario, a local table would be maintained at the FTP Client, providing mappings between user-supplied aliases and authoritative Distinguished Names. In [ROSE90], an approach is suggested to construct such a table. The following example characterizes this approach.

   ftamhost: Country = "Japan"
             Organization = "FTAM Software, Inc."
             OrganizationUnit = "Product Support"
             CommonName = "ftamhost"
             CommonName = "filestore"

Using this enhancement, an FTP Client user could identify the FTAM Responder service as "ftamhost", rather than by specifying the Distinguished Name.
This alias facility is further described in Appendix A.1.

5.1.2 Gateway Responsibility

Upon receipt of a Distinguished Name, the Gateway FTAM Initiator should contact the OSI Directory (X.500 or local static table), present the Distinguished Name and ask for the Presentation address attribute associated with that name.

Once the Presentation address is obtained, the gateway can attempt a connection with the ultimate destination file transfer service represented by this Presentation address.

5.2 FTAM to FTP File Transfers

The FTAM Initiator uses the FTP-FTAM gateway to utilize a service offered by an FTP Server. The FTAM Initiator is responsible for providing the gateway with an authoritative Domain Name. It is the responsibility of the gateway to resolve this Domain Name to its corresponding IP address.

5.2.1 FTAM Initiator Responsibility

Once connected to the gateway, the FTAM Initiator should identify the desired FTP Server via the FTP Server's Domain Name. The Domain Name concept is described in [RFC1101].

5.2.2 Gateway Responsibility

The Gateway FTP Client should incorporate the BIND Resolver functionality so that upon receipt of a Domain Name, the Gateway FTP Client can resolve it via the distributed Domain Name System.

Once the IP address is obtained, the gateway can attempt a connection with the ultimate destination host represented by this IP address.

6. Security Considerations

The gateway system places the burden of authentication on the destination system. The authentication parameters of each protocol are applied at the destination and no additional parameters are needed for authentication at the gateway. As such, no gateway password file is required to support gateway functions. Additional gateway security can be maintained by employing standard TCP access restrictions.

7. Functional Comparison of FTP and FTAM

A comprehensive comparison of the services offered by FTP and FTAM is beyond the scope of this specification.
What follows is an analysis of several key points. Refer to [NIST 86a] and [ROSE90] for a more complete discourse on this topic.

FTAM is not a strict superset of FTP; each protocol has functions that only it performs. The set of FTAM functions is, however, larger than the set of FTP functions.

FTP combines file management and file transfer into one protocol engine, whereas FTAM separates management and transfer as they relate to files.

The file transfer services of both FTP and FTAM expect a reliable underlying end-to-end service. At a minimum, this service includes the capability to transfer entire files between remote hosts and to display remote filenames.

In addition to this basic file transfer service, FTAM supports the capability to: access a few records from a file server, create a network file system (similar to Sun's Network File System), handle printing and spooling, and access remote database records. FTP does not support these additional capabilities.

FTP uses TELNET services to set up a connection between the FTP Client and FTP Server. A three-digit reply code followed by explanatory text indicates the status of the preceding request and provides diagnostic information explaining each transaction.

FTAM relies on the Association Control Service Element (ACSE) to start and stop the network for network file interaction. Generally, the ACSE establishes the application association and related application context needed to support the FTAM protocol.

The FTAM protocol is modularized so as to keep the allowable number of actions in any particular state relatively small. There are many more possible sequences of FTP operations than possible sequences of FTAM operations [NIST86].

Because FTAM is more robust than FTP, FTAM allows greater flexibility for conveying information about files. FTAM deals only with aspects of application processes, and leaves data representation and data management facilities to other OSI service elements.

In contrast to the Client/Server model present in the FTP scheme, FTAM is based on the Initiator/Responder model. The key distinction is that once the FTAM Initiator has established a connection with a remote host, either the Initiator or Responder can request services of the other. In the FTP realm, the Client both initiates a connection and requests all services.

The FTP Client knows the real properties of the remote host filesystem. FTAM, in contrast, embraces a conceptual model of a filesystem, labeled a virtual filestore model. The virtual filestore is a collection of files, each of which has a name that uniquely identifies it. Each file has a set of attributes, such as ownership information and contents, which is the data associated with the file [ROSE90]. One file attribute is the contents-type of the file, typically of document-type. Document-type values include: unstructured binary files, unstructured text files, and filedirectory files. The FTAM Initiator only knows the properties of the corresponding Responder and virtual filestore, not the real properties of the filesystem on the remote host.

7.1 Loss of Functionality

As happens whenever two dissimilar protocols, or languages for that matter, are translated, some loss of functionality is inevitable. With reference to the FTP-FTAM gateway, several of the most blatant losses of functionality are:

1. Diagnostics passed between protocols may not be precisely translated.
2. The FTAM partial file (record) transfer is not supported.
3. Some FTAM attributes are not supported by FTP.

The primary goal of the gateway protocol mappings is to minimize this loss of functionality. As this gateway specification and subsequent implementations evolve, means to partially overcome loss of functionality may become more obvious. For example, the gateway may be able to emulate file record transfers between FTAM Initiators and FTP Servers.

8. Protocol Function and Representation Mappings

The mappings presented are based upon the full implementation of both protocols and are strongly influenced by the work of M. A. Wallace et al. at NIST [NIST86] and John Scott at MITRE [MITRE87].

The FTP protocol functions that are mapped in this document include:

   ABOR  ACCT  ALLO  APPE  CDUP  CWD   DELE  HELP
   LIST  MKD   MODE  NLST  NOOP  PASV  PORT  PWD
   QUIT  REIN  REST  RETR  RMD   RNFR  RNTO  SITE
   SMNT  STAT  STOR  STOU  STRU  SYST  TYPE  USER

The FTAM protocol functions that are mapped in this document include:

   F-BEGIN-GROUP REQ
   F-CANCEL REQ
   F-CHANGE-ATTRIBUTE REQ
   F-CHECK REQ
   F-CLOSE REQ
   F-CREATE REQ
   F-DATA PDU
   F-DATA-END REQ
   F-DELETE REQ
   F-DESELECT REQ
   F-END-GROUP REQ
   F-ERASE REQ
   F-INITIALIZE REQ
   F-LOCATE REQ
   F-OPEN REQ
   F-READ REQ
   F-READ-ATTRIBUTE REQ
   F-RECOVER REQ
   F-RESTART REQ
   F-SELECT REQ
   F-TERMINATE REQ
   F-TRANSFER-END
   F-P-ABORT REQ
   F-U-ABORT REQ
   F-WRITE REQ

A key goal of the mappings presented in this document is to minimize the loss of functionality between the two protocols. The specific approach taken to implement the mappings is left to the discretion of the gateway implementor.

8.1 FTP-to-FTAM Function and Representation Mappings

The protocol mapping between FTP and FTAM may be one-to-zero (i.e., not mappable), one-to-one, or one-to-many.

The general steps taken by the FTP-FTAM gateway to perform an FTP-to-FTAM function are:

1. Accept an FTP Client request at the FTP Server side of the gateway.
2. Map the request to the (set of) corresponding FTAM Initiator function(s).
3. Send the FTAM Initiator function(s) acting as an FTAM Initiator to the FTAM Responder.
4. Accept information returned to the FTAM Initiator side of the gateway. This information originated at the FTAM Responder.
5. Map this returned information to the protocol form understood by the FTP Server side of the gateway.
6. Send this returned information from the FTP Server side of the gateway to the FTP Client.
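
The six steps above, sketched as an added example (not code from the memo or from ISODE) using the NOOP, ALLO, PORT, DELE and RETR rows of the mapping table in this section. `StubResponder`, `GatewayResult` and `handle_ftp_command` are hypothetical names, the sample files are constructed, and the reply codes other than 200 are RFC 959 values chosen for illustration rather than the memo's section 9 mapping.

```python
"""Added illustration of the six FTP-to-FTAM gateway steps (not the memo's code)."""
from dataclasses import dataclass, field

# FTAM requests per FTP command, copied from the section 8.1 table.
# An empty tuple marks the rows that only "Return a 200 reply code to FTP
# Client": the gateway answers them locally and sends nothing to the Responder.
FTP_TO_FTAM = {
    "NOOP": (),
    "ALLO": (),
    "PORT": (),
    "DELE": ("F-SELECT", "F-DELETE"),
    "RETR": ("F-BEGIN-GROUP", "F-SELECT", "F-OPEN", "F-READ",
             "F-TRANSFER-END", "F-CLOSE", "F-DESELECT", "F-END-GROUP"),
}

# Assumption: RFC 959 reply codes picked for this sketch. The 200 values are
# from the table; the rest stand in for the memo's own section 9 mapping.
SUCCESS_REPLY = {"NOOP": 200, "ALLO": 200, "PORT": 200, "DELE": 250, "RETR": 226}
FAILURE_REPLY = 550          # requested action not taken, file unavailable
NOT_IMPLEMENTED_REPLY = 502  # command not implemented


class StubResponder:
    """Constructed stand-in for a remote FTAM Responder (hypothetical)."""

    def __init__(self, files):
        self.files = dict(files)

    def request(self, primitive, pathname):
        """Answer one FTAM request individually; return (success, data)."""
        if primitive == "F-SELECT" and pathname not in self.files:
            return False, b""
        if primitive == "F-DELETE":
            self.files.pop(pathname, None)
        if primitive == "F-READ":
            return True, self.files.get(pathname, b"")
        return True, b""


@dataclass
class GatewayResult:
    reply_code: int                            # what the FTP Client is told
    sent: list = field(default_factory=list)   # FTAM requests actually issued
    data: bytes = b""                          # bytes for the FTP data connection


def handle_ftp_command(line, responder):
    """Run one FTP command line through the six gateway steps."""
    # Step 1: accept the FTP Client request at the FTP Server side.
    verb, _, argument = line.strip().partition(" ")
    verb = verb.upper()

    # Step 2: map it to FTAM Initiator functions. Commands without a table
    # entry are refused rather than forwarded in any form.
    if verb not in FTP_TO_FTAM:
        return GatewayResult(NOT_IMPLEMENTED_REPLY)

    result = GatewayResult(SUCCESS_REPLY[verb])
    for primitive in FTP_TO_FTAM[verb]:
        # Step 3: send the function to the FTAM Responder.
        result.sent.append(primitive)
        ok, data = responder.request(primitive, argument)
        # Step 4: accept what the Responder returned.
        result.data += data
        if not ok:
            # Step 5: translate the failure into an FTP reply and stop, so
            # later requests (F-DELETE, F-READ) are never issued.
            result.reply_code = FAILURE_REPLY
            break
    # Step 6: the caller writes reply_code and data back to the FTP Client.
    return result


if __name__ == "__main__":
    responder = StubResponder({"report.txt": b"quarterly\n"})  # constructed sample
    for cmd in ("NOOP", "RETR report.txt", "DELE missing.txt", "XYZZ"):
        outcome = handle_ftp_command(cmd, responder)
        print(cmd, "->", outcome.reply_code, outcome.sent)
```
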

At a minimum, the gateway should support ASCII and 8 bit binary file types. It should also support FTP File Stream Mode.

The following table shows the steps required to map FTP functions and representations to their FTAM "equivalents".

---------------------------------------------------------------------
ABOR
1. Send F-CANCEL to FTAM Responder.
2. Send F-BEGIN-GROUP to FTAM Responder.
3. Send F-CLOSE to FTAM Responder.
4. Send F-DESELECT to FTAM Responder.
5. Send F-END-GROUP to FTAM Responder.
6. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply codes to FTP Client.
7. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
---------------------------------------------------------------------
ACCT
1. Set parameter value for issuing F-INITIALIZE "Current Account" to FTAM Responder.
2. If "Called Address", "User Identity", and "Filestore Password" are available, attempt connection with FTAM Responder, otherwise wait for additional ACCT commands.
3. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply codes to FTP Client.
4. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
---------------------------------------------------------------------
ALLO
1. Return a 200 reply code to FTP Client.
---------------------------------------------------------------------
APPE
1. Send F-SELECT to FTAM Responder. If not successful, send F-CREATE to FTAM Responder.
2. Send F-BEGIN-GROUP to FTAM Responder.
3. Send F-OPEN to FTAM Responder.
4. Send F-WRITE with "File Extend" set to FTAM Responder.
5. Loop reading data from FTP data connection, sending the data in F-DATA PDUs until end-of-file on the FTP connection.
6. Send F-DATA-END to FTAM Responder.
7. Send F-TRANSFER-END to FTAM Responder.
8. Send F-CLOSE to FTAM Responder.
9. Send F-DESELECT to FTAM Responder.
10. Send F-END-GROUP to FTAM Responder.
11. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
12. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
---------------------------------------------------------------------
CDUP
1. Save current pathname.
2. Determine parent directory.
3. Set file presentation context to "NBS Directory Type".
4. Send F-SELECT to FTAM Responder.
5. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
6. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
Note:
1. Implies hierarchical directory structure on the FTAM host.
---------------------------------------------------------------------
CWD
1. Save current pathname.
2. Set file presentation context to "NBS Directory Type".
3. Send F-SELECT to FTAM Responder.
4. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
5. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
---------------------------------------------------------------------
DELE
1. Save current pathname.
2. Send F-SELECT to FTAM Responder.
3. Send F-DELETE to FTAM Responder.
4. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
5. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
---------------------------------------------------------------------
HELP
1. If no argument is provided, send helpful information about the implementation of the gateway to the FTP Client,
   Else send more specific information related to the argument.
2. Return the appropriate FTP Server reply code to the FTP Client.
---------------------------------------------------------------------
LIST
1. Save pathname.
2. Set file presentation context to "NBS Directory Type".
3. Send F-SELECT to FTAM Responder.
4. Send F-OPEN to FTAM Responder.
5. Send F-READ to FTAM Responder.
6. Loop reading F-DATA until F-DATA-END. As data is received, write the filename and other useful information from the PDU on the FTP data connection.
7. Send F-TRANSFER-END to FTAM Responder.
8. Send F-CLOSE to FTAM Responder.
9. Send F-DESELECT to FTAM Responder.
10. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
11. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
Note:
1. Transfers over data connection should be in ASCII or EBCDIC.
---------------------------------------------------------------------
MKD
1. Save current pathname.
2. Set file presentation context to "NBS Directory Type".
3. Send F-CREATE to FTAM Responder.
4. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
5. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
---------------------------------------------------------------------
MODE (author's note: not completed)
1. If user specifies default mode, then save this as the default mode,
   Else save STREAM as the default mode.
2. If connection to FTAM Responder has not been initialized, set parameter value for issuing F-INITIALIZE command to FTAM Responder,
   Else if connection to FTAM Responder has not been opened, set parameter value for issuing F-OPEN to FTAM Responder,
   Else if data connection to FTAM Responder state has not been opened, set parameter value for issuing F-DATA "Presentation Context Name" to FTAM Responder.
3. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
4. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
---------------------------------------------------------------------
NLST
1. Save pathname.
2. Set file presentation context to "NBS Directory Type".
3. Send F-SELECT to FTAM Responder.
4. Send F-OPEN to FTAM Responder.
5. Send F-READ to FTAM Responder.
6. Loop reading F-DATA until F-DATA-END. As data is received, write the filename from the PDU on the FTP data connection.
7. Send F-TRANSFER-END to FTAM Responder.
8. Send F-CLOSE to FTAM Responder.
9. Send F-DESELECT to FTAM Responder.
10. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
11. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
Note:
1. Transfers over data connection should be in ASCII or EBCDIC.
---------------------------------------------------------------------
NOOP
1. Return a 200 reply code to FTP Client.
---------------------------------------------------------------------
PASV
1. Wait for data transfer on default data port or data port specified by PORT command.
2. Return a 200 reply code to FTP Client.
---------------------------------------------------------------------
PORT
1. Return a 200 reply code to FTP Client.
---------------------------------------------------------------------
PWD
1. Set file presentation context to "NBS Directory Type".
2. Send F-SELECT to FTAM Responder.
3. Send F-READ-ATTRIBUTE with filename attribute to FTAM Responder.
4. Send F-DESELECT to FTAM Responder.
5. Return the current directory name to the FTP Client.
6. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
7. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
---------------------------------------------------------------------
QUIT
1. If file transfer is in progress, send F-TERMINATE to FTAM Responder.
2. If file transfer has completed, send F-P-ABORT or F-U-ABORT to FTAM Responder.
3. Return charge information to FTP Client.
4. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
5. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
---------------------------------------------------------------------
REIN
1. Flush all I/O and account information.
2. Allow all transfers in progress to be completed.
3. Set all parameters to default values.
4. Send F-CANCEL to FTAM Responder.
5. Send F-CLOSE to FTAM Responder.
6. Send F-DESELECT to FTAM Responder.
7. Leave the control connection open.
8. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
9. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
Note:
1. Typically followed by a USER command.
---------------------------------------------------------------------
REST
1. Send F-CHECK to FTAM Responder.
2. Send F-RESTART to FTAM Responder.
3. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
4. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
Notes:
1. Will only have effect on FTAM Responder if the restart functional unit is negotiated on F-INITIALIZE.
2. Refer to ISO 8571-3 for additional subtleties of FTAM checkpoint and restart.
---------------------------------------------------------------------
RETR
1. Set file presentation context appropriately.
2. If file does not exist, return a negative reply code to FTP Client,
   Else send F-BEGIN-GROUP to FTAM Responder.
3. Send F-SELECT to FTAM Responder.
4. Send F-OPEN to FTAM Responder.
5. Send F-READ to FTAM Responder.
6. Loop reading F-DATA until F-DATA-END. As data is received, write it to the FTP data connection.
7. Send F-TRANSFER-END to FTAM Responder.
8. Send F-CLOSE to FTAM Responder.
9. Send F-DESELECT to FTAM Responder.
10. Send F-END-GROUP to FTAM Responder.
11. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
12. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
---------------------------------------------------------------------
RMD
1. Set file presentation context to "NBS Directory Type".
2. Send F-SELECT to FTAM Responder.
3. Send F-DELETE to FTAM Responder.
4. Send F-DESELECT to FTAM Responder.
5. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
6. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder.
---------------------------------------------------------------------
RNFR
1. Save old pathname.
2. Send F-SELECT to FTAM Responder.
3. Send F-READ-ATTRIBUTE to FTAM Responder.
4. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client.
5.
Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder. Note: 1. Together with RNTO, this command causes a file to be renamed. --------------------------------------------------------------------- RNTO 1. Save new pathname. 2. Send F-CHANGE-ATTRIBUTE, along with new filename, to FTAM Responder. 3. Send F-DESELECT to FTAM Responder. 4. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client. 5. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder. Note: 1. Together with RNFR, this command causes a file to be renamed. --------------------------------------------------------------------- SITE 1. Save the specified destination address information. 18 2. Set parameter value for issuing F-INITIALIZE "Called Address" command to FTAM Responder. 4. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client. 5. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder. --------------------------------------------------------------------- SMNT 1. Return a 502 reply code to FTP Client. --------------------------------------------------------------------- STAT 1. Provide the gateway session status to the FTP Client. 2. Return a 211 reply code to FTP Client. --------------------------------------------------------------------- STOR 1. Set the "Called Address" parameter value. 2. Send F-SELECT to FTAM Responder. If not successful, send F-CREATE to FTAM Responder. 3. Send F-BEGIN-GROUP to FTAM Responder. 4. Send F-OPEN to FTAM Responder. 5. Send F-WRITE to FTAM Responder. 6. Loop reading data from FTP data connection, sending the data in F- DATA PDUs until end-of-file on the FTP connection. 7. Send F-DATA-END to FTAM Responder. 8. 
Send F-TRANSFER-END to FTAM Responder. 9. Send F-CLOSE to FTAM Responder. 10.Send F-DESELECT to FTAM Responder. 11.Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client. 12.Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder. --------------------------------------------------------------------- STOU 1. Set the "Called Address" parameter value. 2. Send F-CREATE to FTAM Responder. If FTAM Responder returns diagnostics id# 3005, "File already exists", then abort, Else continue. 3. Send F-BEGIN-GROUP to FTAM Responder. 4. Send F-OPEN to FTAM Responder. 5. Send F-WRITE to FTAM Responder. 6. Loop reading data from FTP data connection, sending the data in F- DATA PDUs until end-of-file on the FTP connection. 7. Send F-DATA-END to FTAM Responder. 8. Send F-TRANSFER-END to FTAM Responder. 9. Send F-CLOSE to FTAM Responder. 10.Send F-DESELECT to FTAM Responder. 11.Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client. 12.Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder. 19 Note: 1. Same as STOR, except the name of the created file must be unique in that directory. --------------------------------------------------------------------- STRU (author's note: not completed) 1. If argument is not FILE, return 504 reply code to FTP Client, Else return 200 reply code to FTP Client. --------------------------------------------------------------------- SYST Note: 1. Not supported. --------------------------------------------------------------------- TYPE 1. Save parameter value. 2. If user doesn't specify the default file type, set the default to ASCII. 3. 
If connection has been established, set "Presentation context name" parameter value for issuing F-INITIALIZE command to FTAM Responder, Else set "Presentation context name" parameter value for issuing F- OPEN to FTAM Responder. 4. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client. 5. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder. --------------------------------------------------------------------- USER 1. Set "Identity of Initiator" parameter value for issuing F- INITIALIZE to FTAM Responder. 2. If destination was encoded in the user identity (e.g., user@host), set "Called Address" parameter value for issuing F-INITIALIZE to FTAM Responder. 3. Translate FTAM Responder action and diagnostic parameters to equivalent FTP reply code(s) and send reply code(s) to FTP Client. 4. Translate FTP Client reply codes to equivalent FTAM action and diagnostic parameters and send parameters to FTAM Responder. Note: 1. A USER command should be acceptable in any state. --------------------------------------------------------------------- 8.2 FTAM-to-FTP Function and Representation Mappings The protocol mapping between FTP and FTAM may be one-to-zero (i.e., not mappable), one-to-one, or one-to-many. The general steps taken by the FTP-FTAM gateway to perform an FTAM-to- FTP function are: 20 1. Accept an FTAM Initiator request at the FTAM Responder side of the gateway. 2. Map the request to the (set of) corresponding FTP Client function(s). 3. Send the FTP Client function(s) acting as an FTP Client to the FTP Server. 4. Accept information returned to the FTP Client side of the gateway. This information originated at the FTP Server. 5. Map this returned information to a form understood by the FTAM Responder side of the gateway. 6. Send this returned information from the FTAM Responder side of the gateway to the FTAM Initiator. 
At a minimum, the gateway should support the following FTAM document
types: unstructured binary files (FTAM-3), unstructured text files
(FTAM-1), and filedirectory files (NBS-9).

The following table shows the steps required to map FTAM functions
and representations to their FTP "equivalents".

---------------------------------------------------------------------
F-BEGIN-GROUP REQ

1. Return F-BEGIN-GROUP RESP PDU, with "success" action parameter, to
   FTAM Initiator signifying that processes are available to handle
   concatenated requests.
---------------------------------------------------------------------
F-CANCEL REQ

1. Close FTP data connection.
2. Send ABOR to FTP Server.
3. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator via F-CANCEL RESP PDU.
4. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.

Note:

1. F-U-ABORT REQ is a viable alternative to F-CANCEL REQ.
2. Note that since ABOR is not implemented by all FTP Servers, the
   remote file may be corrupted, though accessible.
---------------------------------------------------------------------
F-CHANGE-ATTRIBUTE REQ

1. Send RNFR command, with appropriate attribute parameter, to FTP
   Server.
2. Send RNTO command, with appropriate attribute parameter, to FTP
   Server.
3. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator via F-CHANGE-ATTRIBUTE RESP PDU.
4. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.

Note:

1. Allow for processing an arbitrary number of attributes at one
   time. Allow for responses of "Attribute currently unavailable for
   change" and "Attribute not currently supported". At a minimum,
   support filename changes.
---------------------------------------------------------------------
F-CHECK REQ

1. Issue a P-SYNC MINOR request.
2. Send an F-CHECK confirm service primitive to the FTAM Initiator.
---------------------------------------------------------------------
F-CLOSE REQ

1. Return F-CLOSE RESP PDU to FTAM Initiator signifying "success" in
   action result field.

Note:

1. If an error had occurred during transfer, it would have been
   signaled before the F-CLOSE REQ.
---------------------------------------------------------------------
F-CREATE REQ

1. Send LIST, NLST, RETR, or APPE to FTP Server to determine whether
   or not file exists.
2. If file does not exist, send STOR to FTP Server to create remote
   file.
3. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator.
   Else send STOR to FTP Server to create remote file and translate
   FTP Server reply code to equivalent FTAM Responder action and
   diagnostic parameters and send parameters to FTAM Initiator.
4. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-DATA PDU

1. If necessary, send ALLO command to FTP Server.
2. Depending on whether reading or writing, send STOR, RETR, or APPE
   command to FTP Server.
3. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator.
4. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-DATA-END REQ

1. Send ABOR command to FTP Server (to close the data connection).
2. Save mandatory Diagnostic parameter for later use.
3. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator.
4. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-DELETE REQ

1. Send DELE to FTP server. If not successful, send ABOR command to
   FTP Server.
2. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator via F-DELETE RESP PDU.
3. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-DESELECT REQ

1. Return F-DESELECT RESP PDU, with "success" action parameter, to
   FTAM Initiator.
---------------------------------------------------------------------
F-END-GROUP REQ

1. Send SITE STAT command sequence to FTP Server.
2. If all relevant requests have been handled, translate FTP Server
   reply code to equivalent FTAM Responder action and diagnostic
   parameters and send parameters to FTAM Initiator via F-END GROUP
   RESP.
3. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-ERASE REQ

1. Send DELE to FTP Server.
2. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator via F-ERASE RESP PDU. Parameters should indicate that
   appropriate file access data unit and node have been erased.
3. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-INITIALIZE REQ

1. Establish initial area for activity attributes.
2. Save destination host name and login information from Initiator.
3. Send USER command to FTP Server.
4. Send PASS command to FTP Server.
5. If necessary, send ACCT command to FTP Server.
6. Negotiate acceptance of mandatory functional units, service
   classes, service types, presentation contexts, and attribute
   groups.
7. Accept context management functional unit passed by Presentation
   service provider.
8. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator via F-INIT RESP PDU.
9. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-LOCATE REQ

1. Save parameter information identifying file access data unit.
2. If necessary, send RETR command to FTP Server.
3. If RETR command was sent, then send APPE command to FTP Server.
4. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator via F-LOCATE RESP PDU. PDU should indicate that
   appropriate file access data unit has been identified.
5. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-OPEN REQ

1. Determine value for Presentation Context name parameter for this
   data transfer.
2. Accept "Document Type and Constraint Set" information from FTAM
   Initiator.
3. Send TYPE command to FTP Server.
4. Send MODE command to FTP Server.
5. Send STRU command to FTP Server.
6. Accept one abstract syntax negotiated by Presentation Context
   Management functional unit.
7. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator via F-OPEN RESP PDU.
8. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.

Note:

1. Assumption is made that use of REQUESTED ACCESS parameter is
   permitted.
---------------------------------------------------------------------
F-READ REQ

1. If requested file type and file mode are different than current
   settings, send TYPE and MODE to FTP Server.
2. Depending on "Document Type", send RETR or NLST to FTP Server.
3. If reply code from FTP Server is 1xx, open FTP data connection and
   loop until End-of-File is read on FTP data connection. Inside
   loop, read block from FTP data connection, format FTAM DATA PDU,
   and send FTAM PDU to FTAM Initiator. At End-of-File on FTP data
   connection, send F-DATA-END and return.
   Else send F-CANCEL REQ to FTAM Initiator.
4. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator via F-READ RESP PDU.
5. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-READ-ATTRIBUTE REQ

1. Depending on the requested information, send the appropriate
   combination of LIST, NLST, RNFR, RNTO, and RETR commands.
2. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator via F-READ-ATTRIBUTE RESP PDU.
3. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-RECOVER REQ

1. Send REST command to FTP Server.
2. If in the "initialized" state, the associated abstract syntax
   names should be sent in the remote contexts parameter of the
   F-RECOVER request PDU,
   Else if in the "recover pending" state, change to the appropriate
   state.
3. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator.
4. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-RESTART REQ

1. Send REIN and/or REST to FTP Server.
2. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator via F-RESTART RESP PDU.
3. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-SELECT REQ

1. Send LIST, NLST, or RETR command (using FILENAME parameter from
   PDU) to FTP Server to determine if file already exists.
2. Consider optional ATTRIBUTES parameter and requested values if
   required from requested PDU.
3. If FTP Server does not support requested ATTRIBUTE values, then
   reject F-SELECT REQ PDU with appropriate Selection related
   diagnostics identifier (id# 3000 - 3030).
4. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator via F-SELECT RESP PDU.
5. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.

Note:

1. The specified file is binary/text file if one record is received
   or is a directory file if multiple records are received.
---------------------------------------------------------------------
F-TERMINATE REQ

1. In accordance with CURRENT ACCOUNT parameter, use CHARGING
   parameter to save account billing information.
2. Send QUIT to FTP Server.
3. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator via F-TERMINATE RESP PDU.
4. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-TRANSFER-END

1. Save appropriate Diagnostic parameter from PDU.
2. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator via F-TRANSFER-END RESP PDU.
3. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------
F-P-ABORT REQ

1. Send QUIT to FTP Server.
2. Set FTAM error type identifier to "Unrecoverable Error".
3. Return P-RELEASE REQ to Presentation entity or F-U-ABORT primitive
   to FTAM Initiator.
4. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator.
5. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.

Note:

1. F-P-ABORT primitive is included in user-data field of CASE
   A-P-ABORT IND.
---------------------------------------------------------------------
F-U-ABORT REQ

1. Send QUIT to FTP Server.
2. Set FTAM error type identifier to "Unrecoverable Error".
3. Return P-RELEASE REQ or P-DATA REQ to Presentation entity.
4. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator.
5. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.

Note:

1. F-P-ABORT primitive is included in user-data field of CASE A-ABORT
   IND.
---------------------------------------------------------------------
F-WRITE REQ

1. Save bulk transfer specification parameter from PDU.
2. Send NOOP to FTP Server to receive status information.
3. Depending on WRITE mode, send STOR or APPE to FTP Server.
4. If reply code from FTP Server is CONTINUE, accept FTP data
   connection,
   Else send F-CANCEL REQ to FTAM Initiator.
5. Translate FTP Server reply code to equivalent FTAM Responder
   action and diagnostic parameters and send parameters to FTAM
   Initiator.
6. Translate FTAM Initiator action and diagnostic parameters to
   equivalent FTP reply codes and send reply codes to FTP Server.
---------------------------------------------------------------------

9. Mapping between FTP Reply Codes and FTAM Parameters

The focus of the protocol function and representation mappings,
presented in the previous sections, is on non-error encumbered
processing. Though appropriate responses (FTP reply codes, FTAM
action and diagnostic parameters) are designated in many cases, it is
intended that a more thorough use of reply codes (and diagnostic
codes) will be incorporated into gateway implementations.

The purpose of this section is to provide a set of mappings between
FTAM responses (action results and diagnostics) and FTP responses
(reply codes).

The action result parameter of the FTAM File Service primitives
conveys information which summarizes that available in the diagnostic
parameter. The value is never less than the most severe diagnostic
value. The valid values of this parameter are "success", "transient
error", and "permanent error". The FTP response text should be
supplied in the further-details field of the diagnostics sequence in
the FTAM response and abort messages.

An FTAM "success" action result may be accompanied by a diagnostic of
an informative error type. These "success" diagnostic messages are
associated with error type 0 in the table below (and in [ISO8571-3]).
Error type 1 indicates a transient error, while type 2 indicates a
permanent error.

An FTP reply consists of a three digit number followed by some text.
The number is defined as a 3-digit code, each digit of which has a
special significance. The first digit conveys approximately the same
information as the FTAM action result parameter; i.e., positive,
transient negative, or permanent negative.

The FTP specification document [RFC959] explicitly states that the
list of reply codes should not be expanded beyond that which is
presented in [RFC959].
This requirement is adhered to in the mappings presented in this
document.

9.1 Mapping of FTP Reply Codes to FTAM Parameters

This section presents the set of mappings between FTP reply codes and
their "equivalent" FTAM action and diagnostic parameters. The
following abbreviations are used for FTAM action parameter values:

   trans  = transient error
   perman = permanent error

FTP Reply                                  |FTAM     Diagnostic
Code Text                                  |Result   Type  Id
-------------------------------------------+------------------
110  Restart marker reply                  |success  0     0
120  Service ready in nnn minutes          |success  0     0
125  Data connection open, transfer        |
     starting                              |success  0     0
150  File status okay; about to open       |
     data connection                       |success  0     0
200  Command okay                          |success  0     0
202  Command not implemented superfluous   |success  0     0
211  System status, or system help reply   |success  0     0
212  Directory status                      |success  0     0
213  File status                           |success  0     0
214  Help message                          |success  0     0
215  NAME system type                      |success  0     0
220  Service ready for new user            |success  0     0
221  Service closing control connection    |success  0     0
225  Data connection; no transfer in       |
     progress                              |success  0     0
226  Closing data connection               |success  0     0
227  Entering passive mode (h1,h2,h3,..)   |success  0     0
230  User logged in, proceed               |success  0     0
250  Requested file action okay, completed |success  0     0
257  "PATHNAME" created                    |success  0     0
331  User name okay, need password         |success  0     0
332  Need account for login                |success  0     0
350  Requested file action pending         |
     further information                   |success  0     0
421  Service not available, closing        |
     control connection                    |trans    1     1
425  Can't open data connection            |trans    1     3
426  Connection closed, transfer aborted   |trans    1     1014
450  Requested file action not taken,      |
     file unavailable (e.g., file busy)    |trans    1     5041
451  Requested file action aborted,        |
     local error in processing             |trans    1     5028
452  Requested action not taken,           |
     insufficient storage space            |trans    1     9
500  Syntax error, command unrecognized    |perman   2     5015
501  Syntax error in parameters or         |
     arguments                             |perman   2     4004
502  Command not implemented               |perman   2     5016
503  Bad sequence of commands              |perman   2     1015
504  Command not implemented for that      |
     parameter                             |perman   2     4003
530  Not logged in                         |perman   2     2020
532  Need account for storing files        |perman   2     2008
550  Requested action not taken; file      |
     unavailable (e.g., file not found,    |
     no access)                            |perman   2     5006
551  Requested action aborted, page type   |perman   2     5002
552  Requested file action aborted,        |
     exceeded storage allocation           |perman   2     9
553  Requested file action not taken,      |
     file name not allowed                 |perman   2     3024

9.2 Mapping of FTAM Parameters to FTP Reply Codes

This section presents the set of mappings between FTAM diagnostic
parameters and their "equivalent" FTP reply codes. As previously
mentioned, type 0 is an informative error type that may be returned
with a "success" action result, type 1 is a transient error type, and
type 2 is a permanent error type.
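The reply-code translation of sections 9 and 9.1, as an added Python example (not code from the memo or from ISODE): it parses an FTP reply, derives the FTAM action result and diagnostic, carries the reply text in further-details, and checks whether each error code survives a trip back through the section 9.2 rows it needs. The function names, the `FtamResult` type and the first-digit fallback for codes outside the table are assumptions of this example.

```python
# Added example (not from the memo): FTP reply -> FTAM action result and
# diagnostic per sections 9 and 9.1, plus the section 9.2 lookup back.
import re
from typing import Dict, NamedTuple, Optional, Tuple

ACTION = {0: "success", 1: "transient error", 2: "permanent error"}

# Section 9.1 error rows: FTP reply code -> FTAM diagnostic (type, id).
# Every 1xx/2xx/3xx row of that table is "success 0 0".
FTP_TO_FTAM = {
    421: (1, 1), 425: (1, 3), 426: (1, 1014), 450: (1, 5041),
    451: (1, 5028), 452: (1, 9), 500: (2, 5015), 501: (2, 4004),
    502: (2, 5016), 503: (2, 1015), 504: (2, 4003), 530: (2, 2020),
    532: (2, 2008), 550: (2, 5006), 551: (2, 5002), 552: (2, 9),
    553: (2, 3024),
}

# Section 9.2 rows for those diagnostics: (types, id, FTP reply code).
# Id 5041 lies beyond the rows reproduced here, so it has no entry.
_ROWS_9_2 = [
    ((1, 2), 0, 421), ((1, 2), 1, 421), ((1, 2), 3, 425),
    ((1, 2), 9, 452), ((1, 2), 1014, 426), ((2,), 1015, 503),
    ((1, 2), 2008, 532), ((2,), 2020, 530), ((1, 2), 3024, 553),
    ((1, 2), 4003, 504), ((2,), 4004, 501), ((2,), 5002, 551),
    ((1, 2), 5006, 550), ((1, 2), 5015, 500), ((1, 2), 5016, 502),
    ((1, 2), 5028, 451),
]
FTAM_TO_FTP = {(t, i): code for types, i, code in _ROWS_9_2 for t in types}

_FIRST_LINE = re.compile(r"^([0-9]{3})([ -])(.*)$")


class FtamResult(NamedTuple):
    action: str           # FTAM action result
    diag_type: int        # 0 informative, 1 transient, 2 permanent
    diag_id: int          # diagnostic identifier
    further_details: str  # FTP response text (section 9)


def parse_reply(raw: str) -> Tuple[int, str]:
    """Split one FTP reply (single- or multi-line) into (code, text)."""
    lines = raw.replace("\r\n", "\n").rstrip("\n").split("\n")
    m = _FIRST_LINE.match(lines[0])
    if not m:
        raise ValueError("malformed FTP reply")
    code, text = int(m.group(1)), [m.group(3)]
    if m.group(2) == "-":  # multi-line form: ends at a line "<code> text"
        end = f"{code} "
        ends = [i for i, l in enumerate(lines) if i and l.startswith(end)]
        if ends != [len(lines) - 1]:
            raise ValueError("multi-line reply not terminated exactly once")
        text += lines[1:-1] + [lines[-1][4:]]
    elif len(lines) != 1:
        raise ValueError("data after a single-line reply")
    return code, "\n".join(text)


def ftp_to_ftam(raw: str) -> FtamResult:
    """Translate an FTP reply into FTAM action/diagnostic parameters."""
    code, text = parse_reply(raw)
    if code in FTP_TO_FTAM:
        dtype, did = FTP_TO_FTAM[code]
    else:
        # Assumption of this example: a code outside the 4xx/5xx rows is
        # classed by its first digit, with diagnostic id 0, so an unknown
        # failure is never reported as success.
        first = code // 100
        if first not in (1, 2, 3, 4, 5):
            raise ValueError(f"reply code {code} has no defined class")
        dtype, did = {4: (1, 0), 5: (2, 0)}.get(first, (0, 0))
    # With one diagnostic, the action result equals its severity, which
    # satisfies "never less than the most severe diagnostic value".
    return FtamResult(ACTION[dtype], dtype, did, text)


def round_trip(code: int) -> Optional[int]:
    """FTP code -> FTAM diagnostic -> FTP code, or None if no 9.2 row."""
    r = ftp_to_ftam(f"{code} constructed")
    return FTAM_TO_FTP.get((r.diag_type, r.diag_id))


def lossy_codes() -> Dict[int, int]:
    """Error codes that come back as a different code after a round trip."""
    back = {c: round_trip(c) for c in FTP_TO_FTAM}
    return {c: b for c, b in back.items() if b is not None and b != c}
```

With the rows used here, 552 maps to diagnostic (2, 9), which section 9.2 maps back to 452, so a permanent storage failure that crosses the mapping twice reaches the far client as a transient one.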
FTAM Diagnostic                                |FTP Reply Code
Type Id    Reason                              |
-----------------------------------------------|---------
                                               |
1,2  0     No reason                           | 421
0    1     Responder error                     | 211
1,2  1     Responder error                     | 421
1,2  2     System shutdown                     | 421
0    3     FTAM mgmt problem, unspecific       | 211
1,2  3     FTAM mgmt problem, unspecific       | 425
0    4     FTAM mgmt, bad account              | 221
2    4     FTAM mgmt, bad account              | 532
0    5     FTAM mgmt, security not passed      | 211
2    5     FTAM mgmt, security not passed      | 530
0    6     Delay may be encountered            | 211
0    7     Initiator error, unspecific         | 211
1,2  7     Initiator error, unspecific         | 421
0    8     Subsequent error                    | 211
1,2  8     Subsequent error                    | 421
0    9     Temporal insufficiency of resources | 211
1,2  9     Temporal insufficiency of resources | 452
1,2  10    Access req. violates VFS security   | 550
1,2  11    Access req. violates local security | 550
2    1000  Conflicting parameter values        | 504
2    1001  Unsupported parameter values        | 504
2    1002  Mandatory parameter not set         | 504
2    1003  Unsupported parameter               | 504
2    1004  Duplicated parameter                | 504
2    1005  Illegal parameter type              | 504
2    1006  Unsupported parameter types         | 504
2    1007  FTAM protocol err., unspecific      | 426
2    1008  FTAM protocol err., procedure err   | 426
2    1009  FTAM protocol err., funct. unit err | 426
2    1010  FTAM protocol err., corruption err. | 426
2    1011  Lower layer failure                 | 426
1,2  1012  Lower layer addressing error        | 426
1,2  1013  Timeout                             | 426
1,2  1014  System shutdown                     | 426
2    1015  Illegal grouping sequence           | 503
2    1016  Grouping threshold violation        | 503
2    1017  Inconsistent PDU request            | 503
2    2000  Association with user not allowed   | 532
2    2002  Unsupported service class           | 504
0    2003  Unsupported functional unit         | 211
2    2003  Unsupported functional unit         | 502
0    2004  Attribute group error, unspecific   | 211
1,2  2004  Attribute group error, unspecific   | 504
2    2005  Attribute group not supported       | 504
0    2006  Attribute group not allowed         | 211
2    2006  Attribute group not allowed         | 504
0    2007  Bad account                         | 211
2    2007  Bad account                         | 532
0    2008  Association management, unspecific  | 211
1,2  2008  Association management, unspecific  | 532
2    2009  Association management, bad address | 532
1,2  2010  Association management, bad account | 532
0    2011  Checkpoint window error, too large  | 211
2    2011  Checkpoint window error, too large  | 426
0    2012  Checkpoint window error, too small  | 211
2    2012  Checkpoint window error, too small  | 426
0    2013  Checkpoint window error, unsupp.    | 211
2    2013  Checkpoint window error, unsupp.    | 504
0    2014  Communications QoS not supported    | 211
1,2  2014  Communications QoS not supported    | 504
2    2015  Initiator identity unacceptable     | 532
0    2016  Context management refused          | 211
0    2017  Rollback not available              | 211
0    2018  Contents type list cut by responder | 211
0    2019  Contents type list by Present. srvc | 211
2    2020  Invalid filestore password          | 530
2    2021  Incompatible service classes        | 530
1,2  3000  Filename not found                  | 550
1,2  3001  Selection attributes not matched    | 550
2    3002  Initial attributes not possible     | 550
2    3003  Bad attribute name                  | 550
1,2  3004  Non-existent file                   | 550
1,2  3005  File already exists                 | 553
1,2  3006  File cannot be created              | 553
1,2  3007  File cannot be deleted              | 553
0    3008  Concurrency control not available   | 211
2    3008  Concurrency control not available   | 503
0    3009  Concurrency control not supported   | 211
2    3009  Concurrency control not supported   | 502
0    3010  Concurrency control not possible    | 211
2    3010  Concurrency control not possible    | 503
0    3011  More restrictive lock               | 211
1    3011  More restrictive lock               | 450
1,2  3012  File busy                           | 450
1,2  3013  File not available                  | 450
0    3014  Access control not available        | 211
1,2  3014  Access control not available        | 503
0    3015  Access control not supported        | 211
1,2  3015  Access control not supported        | 502
0    3016  Access control inconsistent         | 211
1,2  3016  Access control inconsistent         | 503
0    3017  Filename truncated                  | 211
0    3018  Initial attributes altered          | 211
1,2  3019  Bad account                         | 532
0    3020  Override selected existing file     | 211
0    3021  Override deleted and recreated      | 211
0    3022  Create override deleted and         |
           recreate file with new attributes   | 211
1,2  3023  Create override, not possible       | 553
1,2  3024  Ambiguous file specification        | 553
2    3025  Invalid create password             | 550
2    3026  Invalid delete password on override | 550
2    3027  Bad attribute value                 | 550
2    3028  Requested access violation          | 550
2    3029  Functional unit not available for   | 550
           requested access                    |
0    3030  File created but not selected       | 211
1    3030  Invalid create password             | 550
0    4000  Attribute non-existent              | 211
1,2  4000  Attribute non-existent              | 501
1,2  4001  Attribute cannot be read            | 504
1,2  4002  Attribute cannot be changed         | 504
1,2  4003  Attribute not supported             | 504
2    4004  Bad attribute name                  | 501
2    4005  Bad attribute value                 | 501
0    4006  Attribute partially supported       | 211
0    4007  Additional set attribute value      |
           not distinct                        | 211
1,2  5000  Bad FADU, unspecific                | 550
2    5001  Bad FADU, size error                | 501
2    5002  Bad FADU, type error                | 551
2    5003  Bad FADU, poorly specified          | 501
2    5004  Bad FADU, bad location              | 550
0    5005  FADU does not exist                 | 550
1    5005  FADU does not exist                 | 550
0    5006  FADU not available, unspecific      | 550
1,2  5006  FADU not available, unspecific      | 550
1,2  5007  FADU not available for reading      | 550
1,2  5008  FADU not available for writing      | 550
1,2  5009  FADU not available for location     | 550
1,2  5010  FADU not available for erasure      | 550
1,2  5011  FADU cannot be inserted             | 550
1,2  5012  FADU cannot be replaced             | 550
0    5013  FADU cannot be located              | 550
1,2  5013  FADU cannot be located              | 550
2    5014  Bad data element type               | 550
1,2  5015  Operation not available             | 500
1,2  5016  Operation not supported             | 502
0    5017  Operation inconsistent              | 211
2    5017  Operation inconsistent              | 503
0    5018  Concurrency control not available   | 211
1,2  5018  Concurrency control not available   | 503
0    5019  Concurrency control not supported   | 211
2    5019  Concurrency control not supported   | 502
0    5020  Concurrency control inconsistent    | 211
2    5020  Concurrency control inconsistent    | 503
0    5021  Processing mode not available       | 211
1,2  5021  Processing mode not available       | 503
0    5022  Processing mode not supported       | 211
2    5022  Processing mode not supported       | 504
0    5023  Processing mode inconsistent        | 211
2    5023  Processing mode inconsistent        | 503
0    5024  Access context not available        | 211
2    5024  Access context not available        | 503
0    5025  Access context not supported        | 211
2    5025  Access context not supported        | 504
1,2  5026  Bad write, unspecific               | 550
1,2  5027  Bad read, unspecific                | 550
0    5028  Local failure, unspecific           | 211
1,2  5028  Local failure, unspecific           | 451
0    5029  Local failure, filespace exhausted  | 211
1,2  5029  Local failure, filespace exhausted  | 552
0    5030  Local failure, data corrupted       | 211
1,2  5030  Local failure, data corrupted       | 451
0    5031
Local failure, data corrupted | 211 1,2 5031 Local failure, data corrupted | 451 2 5032 Future file size exceeded | 451 0 5034 Future file size increased | 211 0 5035 Functional unit invalid in | processing mode | 211 2 5035 Functional unit invalid in | processing mode | 503 0 5036 Contents type inconsistent | 211 2 5036 Contents type inconsistent | 503 0 5037 Contents type simplified | 211 0 5038 Duplicate FADU name | 211 1,2 5039 Damage to select/open regime | 553 1,2 5040 FADU locking not available on file | 450 1,2 5041 FADU locked by another user | 450 9.3. Mapping Problems At some point in the future, the FTAM responding address parameter may be used for purposes other than the destination address. If this happens, another means of passing the destination address will have to be found. 9.4. Error Handling The minimal acceptable solution for FTAM-to-FTP errors is to map FTP failures to FTAM "Unrecoverable error" and return the FTP diagnostic string in the FTAM "Further details" field. Similarly for FTP-to-FTAM errors, the minimal acceptable solution is to return reply code 221, "Service closing control connection, Logged out if appropriate". 10. Implementation and Configuration Guidelines 33 The intent of this specification is to specify the required characteristics and functions of an FTP-FTAM gateway. The specific approach taken to realize these specifications in an operational gateway are left to the discretion of the implementor. We do take the liberty, however, of suggesting several ideas concerning the configuration and implementation of such gateways. 10.1 Robustness The gateway should be robust enough to handle situations where a subset of the FTP and/or FTAM protocols are implemented on a host. The gateway should support multiple concurrent FTP and FTAM connections. 10.2 Well-Known TCP/IP Port The FTP-to-FTAM gateway process should listen on TCP/IP port 21, the well-known port for FTP listener processes. 
   As the gateway computer is primarily intended to provide gateway
   services, use of this port will alleviate the need for gateway users
   to specify the desired port when they connect to the gateway. The
   standard FTP server listener process should be moved to another port
   that is known to those users (e.g., System Administrators) requiring
   FTP-to-FTP access to the gateway computer.

10.3 Gateway Listener Processes

   To simplify the administrative overhead on the gateway computer
   system, it is advisable to merge the FTP-to-FTAM gateway and
   FTAM-to-FTP gateway listener processes into a single executable
   module. This single daemon would act as the one and only gateway
   listener process. As connections were established with hosts, other
   processes would be created.

10.4 Implementation Testing

   To assist in the development and evaluation of FTP-FTAM gateway
   prototypes, NIST has developed a test system to evaluate a gateway's
   conformance to the protocol standards [NIST88].

11. References

   [ISO8571-1] Information processing systems - Open Systems
      Interconnection - File Transfer, Access and Management, Part 1:
      General Introduction, International Standards Organization for
      Standards, First Edition, October 1988.

   [ISO8571-2] Information processing systems - Open Systems
      Interconnection - File Transfer, Access and Management, Part 2:
      Virtual Filestore Definition, International Standards
      Organization for Standards, First Edition, October 1988.

   [ISO8571-3] Information processing systems - Open Systems
      Interconnection - File Transfer, Access and Management, Part 3:
      File Service Definition, International Standards Organization
      for Standards, First Edition, October 1988.

   [ISO8571-4] Information processing systems - Open Systems
      Interconnection - File Transfer, Access and Management, Part 4:
      File Protocol Specification, International Standards
      Organization for Standards, First Edition, October 1988.

   [MITRE87] An FTP/FTAM Application Bridge, An FTAM/FTAM
      (MTR-87W00186), John A. Scott, The MITRE Corporation, July 1987.

   [NETWRX90a] Gateway Technical Specification, Joshua L Mindel, Open
      Networks, Inc. (formerly NetWorks One) 28 February 1990.

   [NETWRX90b] FTP Gateway User's Guide, Joshua L Mindel, Open
      Networks, Inc. (formerly NetWorks One) 28 February 1990.

   [NIST86] A Gateway Architecture Between FTP and FTAM (ICST/SNA86-6),
      M.A. Wallace et al, National Institute of Standards and
      Technology, U.S. Chamber of Commerce, July 1986.

   [NIST88] A Test System for Implementations of FTAM/FTP Gateways:
      Final Report Part 1, National Institute of Standards and
      Technology, U.S. Chamber of Commerce, October 1988.

   [RFC959] File Transfer Protocol (FTP), Request for Comments 959,
      John Postel and Joyce Reynolds, ISI, October 1985.

   [RFC1068] Background File Transfer Program (BFTP), Request for
      Comments 1068, A.L. DeSchon and R.T. Braden, August 1988.

   [RFC1101] DNS Encoding of Network Names and other Types, Request for
      Comments 1101, P.V. Mockapetris, April 1989.

   [ROSE90] The Open Book: A Practical Perspective on OSI, Marshall T.
      Rose, Prentice-Hall Inc., 1990.

12. Authors' Addresses

   Joshua L Mindel
   Open Networks, Inc. (formerly NetWorks One)
   11490 Commerce Park Dr., Suite 205
   Reston, Virginia 22091
   USA

   Phone: (703) 648-0013
   E-mail: mindel@netwrx1.nw1.com

   Robert L. Slaski
   Open Networks, Inc. (formerly NetWorks One)
   11490 Commerce Park Dr., Suite 205
   Reston, Virginia 22091
   USA

   Phone: (703) 648-0013
   E-mail: slaski@netwrx1.nw1.com

Appendix A.1 DN Alias Configuration File

   This Appendix describes the content of a configuration file that can
   be used to provide a convenient mapping between aliases and
   authoritative Distinguished Names. Its use is discussed in the FTP
   Client Responsibility section of this document. The exact format of
   this file is left to the discretion of the software implementors.

   A single alias is used to identify a set of Distinguished Name
   attributes. The following example characterizes this approach.

      DefaultGateway: washdc1-osigw.navy.mil

      ftamhost1:
         Country = Japan
         Organization = Great OSI Software
         OrganizationUnit = Product Support
         CommonName = ftamhost
         CommonName = filestore
         PreferredGateway1 = pacific-ftpftam.com

      ftamhost2:
         Country = USA
         Organization = Wonderful OSI Software
         OrganizationUnit = Product Support
         CommonName = ftamhost
         CommonName = filestore
         PreferredGateway1 = conus-ftpftam.xyz.com
         PreferredGateway2 = ftpftam-gw.abc.net

   While users may create their own local set of DN Aliases, it is
   recommended that a host systemwide alias facility be maintained by
   the host system administrator.

   One or more preferred gateway entries may be associated with a given
   alias.

   One or more default gateways must be specified in this file. These
   gateways are not associated with a particular destination host.

Appendix A.2 Transparent Gateway Service

   This Appendix describes a transparent gateway service for use with
   the FTP-FTAM Application Layer Gateway. As described in the User
   Interaction section of this document, the default mode of utilizing
   the FTP-FTAM gateway requires that the user:

   1. Knows in advance whether the destination host supports the FTP or
      FTAM protocol service.

   2. Knows the appropriate gateway through which the destination host
      can be accessed (for interprotocol file transfers).

   3. Identifies this gateway explicitly in the file transfer
      initiation command (for interprotocol file transfers).

   The objective of the transparent gateway service is to eliminate the
   user's need to satisfy any of the above three requirements. This is
   achieved through the use of a local configuration file and a user
   interface program. The configuration file is described in Appendix
   A.1. The user interface program:

   1. Determines whether the destination address identifies an FTP
      host, FTAM host, or is unresolvable. If the destination host is
      an FTP host or is unresolvable, no gateway interaction is
      required.

   2. Determines the appropriate gateway through which the destination
      host is to be accessed (only necessary for interprotocol file
      transfers).

   3. Handles the intermediary gateway login sequence so the user only
      deals with the destination host login sequence (only necessary
      for interprotocol file transfers).

   The value of this transparent gateway user interface program can be
   greatly enhanced if it is merged with another value-added file
   transfer service called the Background File Transfer Program (BFTP).
   As described in [RFC1068], BFTP is a background file transfer
   service that eliminates the need for a human user to be directly
   involved at the time that a file transfer takes place. Thus,
   combining these two file transfer service sets creates a file
   transfer service providing the following services:

   1. Real-time FTP-to-FTP file transfer
   2. Background FTP-to-FTP file transfer
   3. Real-time FTP-to-FTAM file transfer
   4. Background FTP-to-FTAM file transfer

   Items 1 and 2 from the above list are the key services described in
   [RFC1068]. The real-time FTP-to-FTAM file transfer service (item 3)
   and the background FTP-to-FTAM file transfer service (item 4) could
   be provided by incorporating the algorithm described in this
   Appendix into the BFTP implementation.

   This paradigm can be taken one step further and used to create a
   parallel set of services for FTAM-to-FTP file transfers. This
   FTAM-to-FTP file transfer service model would provide the following
   services:

   1. Real-time FTAM-to-FTAM file transfer
   2. Background FTAM-to-FTAM file transfer
   3. Real-time FTAM-to-FTP file transfer
   4. Background FTAM-to-FTP file transfer

   The BFTP model consists of a user interface program and its file
   transfer control daemon, both of which must execute on the same
   host. In BFTP, the user may TELNET to this host or may be logged on
   locally.

   The enhanced file transfer service is formed by merging:

   1. The transparent gateway services;
   2. The BFTP services; and
   3. The BFTP architecture.

   These elements will be referred to collectively as the Enhanced File
   Transfer Service (EFTS). The remainder of Appendix A.2 describes the
   algorithms to be incorporated into the BFTP model to form the EFTS.

A.2.1 Enhanced File Transfer Service

   This section presents an algorithm for transparent FTP-to-FTAM file
   transfers. The algorithm used for real-time transfers is very
   similar to that required for background transfers (BFTP). As such,
   only the real-time algorithm is described below. In addition, an
   algorithm parallel to this could be used for FTAM-to-FTP file
   transfers.

   The first step is to obtain a destination host address from the
   user. If this address is an IP address, it is assumed that the
   desired file transfer is FTP-to-FTP and so an FTP-to-FTP session is
   initiated immediately. No further steps in this algorithm should be
   followed.

   If the address is not an IP address, an attempt is made to resolve
   it to an IP address via a static host table (e.g. /etc/hosts) or a
   dynamic domain name service (e.g. BIND Resolver). If this resolution
   is successful, then it is assumed that the desired file transfer is
   FTP-to-FTP and so an FTP-to-FTP session is initiated immediately. No
   further steps in this algorithm should be followed.

   If the address has not yet been resolved, it is assumed to be an
   alias and is looked up in the DN Alias configuration file (see
   Appendix A.1). If the alias is located here, then a connection is
   attempted to one of the gateways listed in the DN Alias
   configuration file. Preferred gateways are attempted first; default
   gateways are attempted if and when the list of preferred gateways
   has been exhausted.

   The user program passes the authoritative Distinguished Name (of the
   ultimate destination FTAM host) to the gateway and waits for a
   status message indicating whether or not the gateway could resolve
   the Distinguished Name to an OSI Presentation address. If a gateway
   is unable to resolve the Distinguished Name, then:

   1. the connection to that gateway is broken,
   2. a connection is made to the next known gateway, and
   3. that gateway is given the task of resolving the Distinguished
      Name.

   A gateway attempt is considered a failure if either one of the
   following conditions arises:

   1. Network connection to it is not possible.
   2. It is unable to resolve the authoritative Distinguished Name to
      an OSI Presentation address.

   If all available gateway attempts have failed, then a message is
   returned to the user indicating that the user-provided destination
   address is unresolvable. No further steps in this algorithm should
   be followed.

   If a gateway is able to resolve the Distinguished Name to an OSI
   Presentation address, then the gateway will initiate a network
   connection to that OSI Presentation address. Gateway transparency
   has been achieved. The FTAM host login prompt sequence will be
   returned to the user program for display to the human user. The user
   can now log onto the FTAM host using a valid userid and password.

A.2.2 Typical Session

   Gateway transparency has been achieved. After specifying the
   destination host address in symbolic form (an alias), the user is
   not required to do anything until either one of the following
   conditions arises:

   1. The login sequence from the destination FTAM host is presented to
      the user.
   2. The user receives a message from the local user program
      indicating that the destination address he provided is not
      resolvable.

   Figures A-1 and A-2 show typical protocol exchanges that might occur
   during the verification of a Distinguished Name by the user program.
   Figure A-1 depicts a scenario in which the verification is
   successful. Figure A-2 depicts a scenario in which the first gateway
   is unable to resolve the Distinguished Name, yet the gateway that is
   subsequently accessed is able to resolve the Distinguished Name and
   permit the user to log on to the ultimate destination host.

   EFTS                                              Gateway FTP
   ------------------------------------------------------------
   (EFTS connects to gateway host, port x)
   (establishes control connections)
                                     <---- 220 Service ready
   (EFTS sends) USER FTP-User        ---->
                                     <---- 331 User name ok
   (EFTS sends) SITE C "Japan"
   (EFTS sends) SITE O "Great OSI Software, Inc."
   (EFTS sends) SITE OU "Product Support"
   (EFTS sends) SITE CN "ftamhost"
   (EFTS sends) SITE CN "filestore"
                                     <----- 332 Need account for login.
                                     <----- (login prompt is passed to FTP user)
   (Human user sends) USER mindel    ----->
                                     <---- 331 User name okay, need password.
   (Human user sends) PASS mypasswd  ----->
                                     <----- 230 User logged in, proceed.

             Figure A-1 - Distinguished Name is Resolved

   EFTS                                              Gateway FTP
   ------------------------------------------------------------
   (EFTS connects to gateway host, port x)
   (establishes control connections)
                                     <---- 220 Service ready
   (EFTS sends) USER FTP-User        ---->
                                     <---- 331 User name ok
   (EFTS sends) SITE C "Japan"
   (EFTS sends) SITE O "Great OSI Software, Inc."
   (EFTS sends) SITE OU "Product Support"
   (EFTS sends) SITE CN "ftamhost"
   (EFTS sends) SITE CN "filestore"
                                     <----- 532 Need account for storing files.
   (EFTS sends) QUIT
   (EFTS connects to a different gateway host, port x)
   (establishes control connections)
                                     <---- 220 Service ready
   (EFTS sends) USER FTP-User        ---->
                                     <---- 331 User name ok
   (EFTS sends) SITE C "Japan"
   (EFTS sends) SITE O "Great OSI Software, Inc."
   (EFTS sends) SITE OU "Product Support"
   (EFTS sends) SITE CN "ftamhost"
   (EFTS sends) SITE CN "filestore"
                                     <----- 332 Need account for login.
                                     <----- (login prompts are passed to FTP user)
   (Human user sends) USER mindel    ----->
                                     <---- 331 User name okay, need password.
   (Human user sends) PASS mypasswd  ----->
                                     <----- 230 User logged in, proceed.

      Figure A-2 - Distinguished Name is Resolved on Second Attempt
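
The resolution procedure of A.2.1, driven by an alias file like the one in Appendix A.1 and by the 332/532 outcomes shown in Figures A-1 and A-2, as an added Python example; it is not part of the memo or of any gateway implementation. The one-item-per-line file layout, the `resolve_host` and `try_gateway` callbacks (the latter returns the gateway's final reply code, or None when no connection could be made), and the refusal of CR, LF and double quotes in DN values are assumptions of this example.

```python
import ipaddress

# Constructed sample, one item per line (assumed layout; the memo leaves the format open).
SAMPLE_ALIAS_FILE = """\
DefaultGateway: washdc1-osigw.navy.mil
ftamhost1:
    Country = Japan
    Organization = Great OSI Software
    OrganizationUnit = Product Support
    CommonName = ftamhost
    CommonName = filestore
    PreferredGateway1 = pacific-ftpftam.com
ftamhost2:
    CommonName = ftamhost
    PreferredGateway1 = conus-ftpftam.xyz.com
    PreferredGateway2 = ftpftam-gw.abc.net
"""
# A.1 attribute names mapped to the SITE keywords shown in Figures A-1 and A-2.
SITE_KEYWORD = {"Country": "C", "Organization": "O", "OrganizationUnit": "OU", "CommonName": "CN"}

def parse_alias_file(text):
    """Return (default_gateways, {alias: {"dn": [(keyword, value)], "gateways": [host]}})."""
    defaults, aliases, entry = [], {}, None
    for line in filter(None, map(str.strip, text.splitlines())):
        if "=" in line and entry is not None:
            key, value = (part.strip() for part in line.split("=", 1))
            if key.startswith("PreferredGateway"):
                entry["gateways"].append(value)
            else:
                entry["dn"].append((SITE_KEYWORD[key], value))  # KeyError: unknown attribute
        elif line.startswith("DefaultGateway:"):
            defaults.append(line.split(":", 1)[1].strip())
        elif line.endswith(":"):
            entry = aliases.setdefault(line[:-1].strip(), {"dn": [], "gateways": []})
        else:
            raise ValueError(f"unrecognised line: {line!r}")
    if not defaults:
        raise ValueError("A.1 requires at least one default gateway")
    return defaults, aliases

def site_commands(dn):
    """Build the SITE commands of Figure A-1, refusing values that would break the command line."""
    for _, value in dn:
        if any(ch in value for ch in '\r\n"'):
            raise ValueError(f"illegal character in DN value {value!r}")
    return [f'SITE {keyword} "{value}"' for keyword, value in dn]

def resolve_destination(dest, defaults, aliases, resolve_host, try_gateway):
    """A.2.1: return ("ftp", host), ("ftam", gateway) or ("unresolvable", None)."""
    try:
        is_ip = bool(ipaddress.ip_address(dest))
    except ValueError:
        is_ip = False
    if is_ip or resolve_host(dest):  # IP address or resolvable name: plain FTP-to-FTP
        return ("ftp", dest)
    entry = aliases.get(dest)
    if entry is None:
        return ("unresolvable", None)
    commands = site_commands(entry["dn"])
    # Preferred gateways first, default gateways once the preferred list is exhausted.
    for gateway in entry["gateways"] + [g for g in defaults if g not in entry["gateways"]]:
        if try_gateway(gateway, commands) == 332:  # 332 in Figure A-1: DN resolved
            return ("ftam", gateway)
    return ("unresolvable", None)
```

Any reply other than 332, including the 532 of Figure A-2 and a failed connection, moves the search on to the next gateway, and the destination is reported unresolvable only after the default gateways have also been tried.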