WebDAV vs FTP, not an easy choice

Greg Stein's DAV Frequently Asked Questions (FAQ) contains this 
interesting (to me) comparison of WebDAV and FTP:

>Q.  Why should I use DAV instead of FTP?
>A.   Since DAV works over HTTP, you get all the benefits of HTTP 
>that FTP cannot provide. For example:           strong 
>authentication, encryption, proxy support, and caching. It is true 
>that you can get some of this through SSH, but the HTTP 
>infrastructure is much more widely  deployed than SSH. Further, SSH 
>does not have the wide complement of tools, development libraries, 
>and applications that HTTP does.
>DAV transfers (well, HTTP transfers) are also more efficient than 
>FTP. You can pipeline multiple transfers through a single TCP 
>connection, whereas FTP requires a new connection for each file 
>transferred (plus the control connection).

Recent events prompting heightened concerns about security and the 
ever widening distribution of FireWall products certainly support the 
assertions about plain vanilla FTP  being problematic.  As well, 
FTP's SSH-enhanced varieties (SFTP, SCP, etc.) are generally beyond 
the reach of typical clients although GUI apps currently available 
are beginning to tear down that barrier (see: 
http://www.gideonsoftworks.com/sshhelper.html and 

However, the answer does not address those valuable things that FTP 
can do that WebDAV currently cannot do or cannot do well. 
Specifically, I refer to the following:

1) WebDAV cannot be programmatically and securely applied to 
individual web sites.  Currently, creating an account on my MacOS X 
Server (Apache) programmatically creates web space whose address 
takes the form http://myserver.gcsu.edu/~username and 
programmatically enables FTP access to that web space using the un/pw 
assigned to the account.  This can be done on a large scale with 
batch methods.

2)  WebDAV does not offer disk space quota enforcement and the means 
with which to discover one's usage of that disk space and take 
corrective action.

3) WebDAV does not offer password management (neither does FTP but I 
mention it here to complete a basic feature list).

Of course, I would like to be wrong about this and I believe that I 
am.  Apple seems to have accomplished a good measure of what I 
describe above with "dotMac" accounts that include WebDAV access via 
what it calls an "iDisk."  However, the techniques behind this are 
not generally and perhaps not even publicly, available.

I would like to extend this kind of functionality to the thousands of 
students and hundreds of faculty at my university but apparently 
cannot due to the unavailability of critical information n the 
techniques employed.  Being able to drop support for FTP would 
certainly make our networking a security folks happy.  Being able to 
supplant FTP with WebDAV would likely be viewed as progress by our 
clients.    Unfortunately, it does not appear to be possible right 

Here, again, I hope to be shown the error of my thinking.

Dr. Frank Lowney  flowney@mail.gcsu.edu
     Director, Electronic Instructional Services, a unit of the
     Office of Information and Instructional Technology,
     Professional Pages: http://www.gcsu.edu/oiit/eis/
     Personal Pages: http://www.faculty.de.gcsu.edu/~flowney
Voice: (478) 445-5260
We don't make instruction effective, we make effective instruction 
more accessible.

Received on Sunday, 29 June 2003 08:47:24 UTC