From owner-freebsd-security Thu Jun 14 15:48:54 2001 Delivered-To: freebsd-security@freebsd.org Received: from giganda.komkon.org (giganda.komkon.org [209.125.17.66]) by hub.freebsd.org (Postfix) with ESMTP id 5B78437B406 for ; Thu, 14 Jun 2001 15:48:40 -0700 (PDT) (envelope-from str@giganda.komkon.org) Received: (from str@localhost) by giganda.komkon.org (8.9.3/8.9.3) id SAA02219; Thu, 14 Jun 2001 18:48:24 -0400 (EDT) (envelope-from str) Date: Thu, 14 Jun 2001 18:48:24 -0400 (EDT) From: Igor Roshchin Message-Id: <200106142248.SAA02219@giganda.komkon.org> To: sirmoo@cowbert.2y.net Subject: Re: OT: FTP almost gone now? (was: Re: IPFW almost works now.) Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <20010614223042.6459.qmail@d170h113.resnet.uconn.edu> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > From: "Peter C. Lai" > Date: Thu, 14 Jun 2001 22:30:41 GMT > > Cy Schubert - ITSD Open Systems Group writes: > > > > > Applications that use HTTP PUT and POST can be just as interactive and > > useful. The reason we don't see any applications like this in > > widespread use is that the nail doesn't hurt enough for anyone to do > > anything about it yet. Once it does standards will change and > > applications will be built. It is discussions like this that cause > > people to to think and interact. After enough of these discussions > > eventually the light bulb will turn on in someone's head and we will > > have a new application based on HTTP or whatever else to replace FTP. > > > > I recently completed a project for school where all user interaction was > completed via HTTP POST and PUT with event handling generated via ASP or PHP > scripts (required features included form handling, ODBC/SQL handling, and > file transfer). In fact, one could make a very nice file transfer client out > of purely CGI/PHP using HTTP. Installed on a machine with apache, one > wouldn't even need ftpd. Encryption would then be achieved by using HTTPS. > ----------- In fact, it is possible to do file transfer via telnet, or many other TCP-based protocols (including secure, or secured (e.g. with SSL) ones)... Even X/Y/ZMODEM with a few scripts can be used for that :)... I think, nobody argues that. The question is about simplicity of use, and effectiveness of transfer. Having ZMODEM, a few scripts on top of that, and telnetd, one wouldn't even need to have ftpd, httpd, etc, etc.. :) Well, if my irony is not quite clear, all I mean: script-based (especially, CGI) file transfer is a HACK, not a protocol... Regards, Igor To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message