Firewall Wizards mailing list archives

Re: The yearly FTP rant (Was: Re: Passive FTP and NAT/PAT with PIX and Serv-U)


From: Fritz Ames <fritzames () earthlink net>
Date: Fri, 05 Apr 2002 20:51:54 -0500

All,
I guess that I am with Mr. Kistner. Rant time? (...stepping up on soapbox...) Does that mean that we can criticize the old protocols for not meeting standards based on our current perspective? Is it important to remember that we are standing on the shoulders of giants? To casually dismiss the tremendous volume of good work that went into the infrastructure that we enjoy today is a shame--and a waste of institutional knowledge.

Take a look at http://www.ayukov.com/nftp/ftp-rfc.html for a taste of what went into building the FTP we have today. Then take a look at RFC959 ( http://www.ietf.org/rfc.html ), which is 16 years old, predates many of our group's knowledge of even the existence of the Internet, and is an extensive piece of specification work. More work probably went into just the generation of the ASCII-art block diagrams showing how FTP works than went into most of the criticism that I have seen. Read, completely, RFC2468 and RFC2555 (Really. They're not long.) to see who *some* of these people are whom we are criticizing. (So this sounds like I am on a soapbox... I'll get down now.)

Ummm... So I guess that I'll have to sign on to help work on a better spec., to replace the current spec. Where do I go to stand in line? (Why can't I work on a more *fun* one--having meetings in Paris to talk about XML?) [;-)]


Thanks,

Fritz

Tom Kistner wrote:

On Wed, Apr 03, 2002 at 01:07:11AM +0200, Mikael Olsson (mikael.olsson () clavister com) wrote:

Heck, simply moving the data channel to an in-line channel in the port 21 connection would be by far more preferable, and easier to implement to boot. I can't believe they botched the perfectly good chance of clearing up this old mess when they adapted FTP to IPv6, rather than just extending the "PORT" and "227" messages to handle IPv6 addresses in ASCII format. (But then again, I'm a grumpy security guy whose pet peeve is protocols with dynamic channels, not a stressed-out engineer who needs to get things working yesterday.)


There's a good reason for the data channels to be on separate connections:
Server-to-Server transfers, commonly known as "FXP".

That feature was used quite a lot in "the old days". Today, it's
used mainly for warez currying.

So I'd say it's not an old mess, FTP just stays the way it is even in IPv6.

There are umpteen other ways to transfer files, why not use one of those?


/tom



