Firewall Wizards mailing list archives
Re: Our friend FTP, again
From: "Ryan Russell" <Ryan.Russell () sybase com>
Date: Thu, 15 Apr 1999 08:05:32 -0700
2) Use HTTP for all file downloadsHTTP is no good. A new control connection for every file you download
Not a control connection.. a connection. FTP also opens a new connection for every file transferred, and still has to have a control connection.
is authentication nightmare.
The problem with HTTP authentication is that it assumes it can use the same name and password for each connection, and sends it every time. FTP does it once and individual file transfers are unauthenticated, except possibly by IP address and port number.
HTTP lacks reliable OTP implementation,
That's because of the above... Lots of protocols have this problem, FTP isn't one of them. HTTP needs to add a OTP flag, and a short-lived cookie needs to be set to authenticate after the first time.
both client and server sides. HTTP causes problems when uploading files.
Mechanisms exists to upload files with HTTP, they're just not real well
fleshed-out, and we have to go thorugh the iterations of permissions
problems we have already done with FTP.
Ryan
Current thread:
- Our friend FTP, again Matthew Patton (Apr 14)
- Re: Our friend FTP, again Marcus J. Ranum (Apr 14)
- Re: Our friend FTP, again Woody Weaver (Apr 15)
- <Possible follow-ups>
- Re: Our friend FTP, again ark (Apr 15)
- Re: Our friend FTP, again Chad Schieken (Apr 15)
- Rant (Was Re: Our friend FTP, again) Marcus J. Ranum (Apr 15)
- Re: Rant (Was Re: Our friend FTP, again) Leonard Miyata (Apr 17)
- Re: Our friend FTP, again Chad Schieken (Apr 15)
- Re: Our friend FTP, again Marcus J. Ranum (Apr 14)
- Re: Our friend FTP, again Ryan Russell (Apr 15)
- Re: Our friend FTP, again Matthew Patton (Apr 17)
- Re: Our friend FTP, again Ryan Russell (Apr 15)