Received: with ECARTIS (v1.0.0; list gopher);
 Sun, 13 Oct 2002 08:43:06 -0500 (EST)
Return-Path: <jgoerzen@complete.org>
Delivered-To: gopher@complete.org
Received: from christoph.complete.org
 (0-1pool88-127.nas8.indianapolis1.in.us.da.qwest.net [65.128.88.127])
	(using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits))
	(Client CN "christoph.complete.org",
 Issuer "John Goerzen -- Root CA" (verified OK))
	by gesundheit.complete.org (Postfix) with ESMTP
	id 2C33A62E1E; Sun, 13 Oct 2002 08:42:51 -0500 (EST)
Received: by christoph.complete.org (Postfix, from userid 1000)
	id 316A52B77A; Sat, 12 Oct 2002 14:50:04 -0500 (EST)
Date: Sat, 12 Oct 2002 14:50:04 -0500
From: John Goerzen <jgoerzen@complete.org>
To: gopher@complete.org
Subject: [gopher] Re: Uploading
Message-ID: <20021012195004.GB21897@complete.org>
References: <200210082314.37485.hardburn@runbox.com>
Mime-Version: 1.0
Content-type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200210082314.37485.hardburn@runbox.com>
User-Agent: Mutt/1.4i
Content-Transfer-Encoding: 8bit
X-archive-position: 706
X-ecartis-version: Ecartis v1.0.0
Sender: gopher-bounce@complete.org
Errors-to: gopher-bounce@complete.org
X-original-sender: jgoerzen@complete.org
Precedence: bulk
Reply-to: gopher@complete.org
List-help: <mailto:ecartis@complete.org?Subject=help>
List-unsubscribe: <mailto:gopher-request@complete.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-ID: Gopher <gopher.complete.org>
X-List-ID: Gopher <gopher.complete.org>
List-subscribe: <mailto:gopher-request@complete.org?Subject=subscribe>
List-owner: <mailto:jgoerzen@complete.org>
List-post: <mailto:gopher@complete.org>
List-archive: <http://www.complete.org/mailinglists/archives/>
X-list: gopher


On Tue, Oct 08, 2002 at 11:14:33PM -0500, Timm Murray wrote:

> Are there any current standards for uploading via Gopher?  I'm working on a 

None.  Some thoughts:

 * We do have protocols for Gopher authentication, though I do not know
   if they're secure.  UMN gopherd builds without them for now because
   there are security holes in UMN gopherd's implementation.

 * We do have SSL.

 * One could slightly modify the Gopher protocol for uploads.  Have the
   client send a selector string as usual [1], and then have the client
   transmit the remainder of the document.  The server could do
   authentication based on SSL -- the connection could be wrapped in SSL.

 * Your ASK proposal sounds interesting too.

[1] There'd have to be some new token to signify a pending upload

While we're at it, it would be nice to specify a transport protocol for
Gopher menu files.  It would not necessarily be what any Gopher server uses
on-disk, but would permit a standard way for clients to upload those.  The
server could then be free to store it as it sees fit.

> module doesn't support password authentication.  Gopher upload would make 
> everything integrate nicely.

I personally use rsync or scp.

-- John