The Internet2 FileSender Service
Document version 1.1 7/16/12
(The FileSender service, operated by Internet2, is supported in part by grant OCI-1160878 from the National Science Foundation. Software used by FileSender was initially developed by a consortium of research and education networking organizations including AARNET, UNINETT, HEAnet, and SURFnet. Support of all of these organizations is gratefully acknowledged.)
FileSender is a service of Internet2 that allows authorized users to store and send files to any Internet user who has access to e-mail and an appropriately configured web browser. It is primarily of interest to users who need to send files larger than those allowed by e-mail systems (typically limited to 10MB to 20MB depending on the e-mail system). FileSender is currently configured to allow files to be sent up to 1TB in size, although due to typical end-user network connection speeds and network performance conditions, it will be most useful for files in the 10MB to 50GB range. Unlike regular e-mail attachments, where the contents are included in the e-mail, FileSender places the file contents on the FileSender server and an e-mail is sent to the specified recipients informing them how they can retrieve the file that has been temporarily stored on the FileSender service. A file placed on this service is automatically deleted after at most two weeks (whether or not it has been retrieved by the intended recipient(s)), and once deleted, is not available for retrieval by either the user who placed the file on the server or the intended recipient(s).
FileSender is a transient service for sending large files to other Internet users, and is not designed to be an archival or highly reliable service. IT SHOULD NOT BE RELIED ON FOR STORING THE ONLY COPY OF A FILE, AS NO BACKUPS ARE MADE OF THE STORE NOR ARE FILES STORED IN A REDUNDANT OR REPLICATED FORM. UNDER VARIOUS SYSTEM FAILURE SCENARIOS (HARDWARE, SOFTWARE, OR DAMAGE OR LOSS TO PHYSICAL FACILITIES) FILES MAY BE LOST AND NOT BE RECOVERABLE. THE SERVICE IS NOT OPERATED AS A SECURE SERVICE AND SHOULD NOT BE USED FOR SENDING CONFIDENTIAL OR SENSITIVE INFORMATION. FILES ARE NOT ENCRYPTED EITHER IN TRANSMISSION OR ON DISK, AND IN THE EVENT THAT THE SYSTEMS USED TO STORE AND TRANSMIT THESE FILES ARE COMPROMISED OR BREACHED, CONTENTS MAY BE ACCESSIBLE TO UNINTENDED PARTIES. It is fully the responsibility of the users of this system to determine whether this system is appropriate for their use, and it is operated solely on an “as is” basis with no warranties as to its usefulness or appropriateness for any specific purpose.
There is no charge to InCommon members for using this service. A complete description of the terms and conditions for using this service can be found at http://www.internet2.edu/filesender/tos.html and a privacy statement that details operational privacy policies for the service can be found at http://www.internet2.edu/filesender/privacy.html. Every time users use this service to store a file, they must acknowledge acceptance of these terms and conditions. These terms and conditions are also available for review when accessing the service and prior to accepting them.
Use of FileSender is limited to users at educational and research institutions in the United States who are members of InCommon (InCommon is the higher education trust federation in the United States and is operated by Internet2), and who operate an identity provider (IdP) registered with InCommon. Additionally, the IdP must make available to the FileSender service certain user attributes such as the authenticated user’s name (EduPersonPrincipleName) and e-mail address in order to use the service. If your campus’s IdP does not make those attributes available to FileSender, you will get an error messages to that effect. You must contact your campus information technology office and let them know that you want to use this service and that they need to make those attributes available to FileSender. They can do this by default by releasing those attributes to all services that are approved as “research and scholarship” services.
In order to use FileSender you must use a current version Internet browser that supports HTML5 and specifically the FileAPI.
You initiate access to the FileSender service by navigating to http://filesender.internet2.edu with an appropriate web browser. Note: Depending on whether you have previously logged in to FileSender or another InCommon registered service, some of the following windows may have already been pre-processed and will be skipped.
Click Logon to initiate the service.
You first need to identify the InCommon member institution that will authenticate your login credentials. If your institution does not appear in the pull-down list, it means that it is not a member of InCommon or does not currently have a registered identity provider (IdP), and you will need to contact the appropriate office at your institution in order to have them join InCommon or bring up a registered IdP. Please do not contact InCommon or Internet2 as we have no ability to solve this problem, nor do we offer guest accounts to individuals. In this example, we have selected “Internet2” as the InCommon member who will authenticate this transaction. Note that FileSender is only available to users at academic institutions or research labs who are members of InCommon, and does not allow access to the general public, so the comment about creating a ProtectNetwork guest ID does not pertain to the FileSender service.
After selecting an appropriate institution, you will be directed to a login screen similar to that shown below; the particular appearance of this screen will depend on your institution, as you are actually logging in to the IdP at your home institution and not directly to the FileSender service:
After logging in to your home institution and assuming that it provides the appropriate user name and e-mail attributes to FileSender, you will be shown the following screen. If your institution does not provide both user name and e-mail address attributes, one of several error messages may appear instead of the following screen, giving you more information on what you need to do to contact appropriate personnel on your campus if you desire to use this service.
The next screen is where you actually accomplish the real work of storing a file that will be made available to those you specify as potential recipients of the file. In the To field, enter the e-mail address(es) of those whom you want FileSender to notify that the file is available for them to retrieve. They will be sent a message including a URL that can be used to pick up the file after FileSender has stored it. Subject and Message are optional fields that can be used to alert the recipient as to the nature of the file they are being given access to. The Expiry date is the date you want FileSender to automatically delete the file from the service. This will occur whether the specified recipients have retrieved the file or not, and cannot be set to more than two weeks in the future. It may however, be set to a shorter interval.
While the name of the URL that can be used to pick up the file is obscure and encoded, it is not secure. Anyone who is obtains that URL can retrieve the file, so the security of this process is only as secure as unencrypted e-mail. As such, this service should only be used for sending files that do not contain highly sensitive or confidential material. When using this service, you should ask yourself, “Would I send this file as an attachment via normal e-mail if it weren’t for the size restriction?” If the answer is no, then do not use FileSender, as it provides a service of approximately the same security level as e-mail attachments, which is not very high.
FileSender does not (at this time) require that recipients be able to authenticate themselves to the service, so the recipient(s) of the file do not need to be members of InCommon participant organizations. So anyone who obtains or intercepts the e-mail message with the encoded URL (or even someone who is able to guess the URL) will be able to retrieve the file. While FileSender itself does not provide an encryption service, you are free to encrypt the file via external means and then give FileSender the encrypted file to send as a method of increased security. If you do this, it is highly recommended that you do not give the decryption key to the recipient as part of the e-mail message that is created by FileSender below, as that defeats the purpose of encrypting the file. Rather, give the decryption key to the user by an alternative method, ideally not via e-mail (for example, call the user or give it to them using an entirely different technology than what is being used to send the file).
You must also accept the terms and conditions for using this service by clicking the appropriate box. You can show the terms and conditions at that time, and they are also shown at the end of this document.
After filling in all required fields and accepting the terms and conditions for using this service, the Send button appears. When you click Send, the process of uploading the file to the service begins.
The transmission time required depends on the size of the file, the network connection speed of your workstation (and all of the other variables that affect the performance of network transmissions). When the transmission is completed, the following message appears:
Within a short interval after transmission, recipient(s) of the file will receive an e-mail message that looks like the following. When they click on the Download link they will begin the process of downloading the file to their workstations:
The file will remain on the FileSender service until the Valid until (Expiry) date has been exceeded, at which point it will be automatically deleted. Internet2 is unable to extend the validity date for any reason, nor retrieve files that have been deleted. Internet2 does not do periodic backups of the service, so there are no backup tapes that can be accessed to retrieve a deleted file.
The FileSender service is monitored for general operational status, and system crashes that result in the system being down will normally result in an appropriate Internet2 staff member being notified. If you feel that there are operational issues with the systems that are not being resolved, a message can be sent to Filesender-support@Internet2.edu.