Re: Problems with Apt-Get
On Thu, Mar 20, 2003 at 06:01:13PM -0600, Joseph A Nagy Jr wrote:
> Colin Watson wrote:
> >On Thu, Mar 20, 2003 at 04:39:51PM -0600, Joseph A Nagy Jr wrote:
> <snip>
> >>Perhaps one day they'll improve upon FTP.
> >
> >HTTP improved upon FTP long ago. The fact that the name hasn't been
> >changed doesn't affect this.
> >
> >(I do this for a living.)
>
> Then what purpose does the continued use of FTP serve?
The only reason I've needed to use FTP in the last few years, other than
to download files from locations that don't advertise an HTTP
alternative, is when interacting with obsolete machines where for one
reason or another I can't get either ssh or a simple web server going.
Even for file uploads you probably want to consider a web server that
supports HTTP PUT, as that's usually easier to secure.
Other than laziness and perhaps lack of handy HTTP PUT clients, although
I think the advent of WebDAV support in popular applications is
beginning to fix the latter, I can't see a reason to use FTP in the
modern world. Debian mirrors still provide it probably mostly because
it's always been there (Debian predates HTTP/1.1 by a few years), and
because the administrators would get deluged in uninformed e-mail if
they turned it off.
Maybe somebody should put together canned configuration files for a few
popular web servers that provide authenticated upload and anonymous
download, together with a set of links to good clients for all popular
operating systems. Then we might be able to start killing off the
security nightmares that are most FTP servers.
Cheers,
--
Colin Watson [cjwatson@flatline.org.uk]
Reply to: