- From: Frank Lowney <frank.lowney@mac.com>
- Date: Sun, 29 Jun 2003 08:47:17 -0400
- To: w3c-dist-auth@w3.org
Greg Stein's DAV Frequently Asked Questions (FAQ) contains this
interesting (to me) comparison of WebDAV and FTP:
>Q. Why should I use DAV instead of FTP?
>
>A. Since DAV works over HTTP, you get all the benefits of HTTP
>that FTP cannot provide. For example: strong
>authentication, encryption, proxy support, and caching. It is true
>that you can get some of this through SSH, but the HTTP
>infrastructure is much more widely deployed than SSH. Further, SSH
>does not have the wide complement of tools, development libraries,
>and applications that HTTP does.
>
>DAV transfers (well, HTTP transfers) are also more efficient than
>FTP. You can pipeline multiple transfers through a single TCP
>connection, whereas FTP requires a new connection for each file
>transferred (plus the control connection).
Recent events prompting heightened concerns about security and the
ever widening distribution of FireWall products certainly support the
assertions about plain vanilla FTP being problematic. As well,
FTP's SSH-enhanced varieties (SFTP, SCP, etc.) are generally beyond
the reach of typical clients although GUI apps currently available
are beginning to tear down that barrier (see:
http://www.gideonsoftworks.com/sshhelper.html and
http://afp548.com/Software/Vapor/index.html).
However, the answer does not address those valuable things that FTP
can do that WebDAV currently cannot do or cannot do well.
Specifically, I refer to the following:
1) WebDAV cannot be programmatically and securely applied to
individual web sites. Currently, creating an account on my MacOS X
Server (Apache) programmatically creates web space whose address
takes the form http://myserver.gcsu.edu/~username and
programmatically enables FTP access to that web space using the un/pw
assigned to the account. This can be done on a large scale with
batch methods.
2) WebDAV does not offer disk space quota enforcement and the means
with which to discover one's usage of that disk space and take
corrective action.
3) WebDAV does not offer password management (neither does FTP but I
mention it here to complete a basic feature list).
Of course, I would like to be wrong about this and I believe that I
am. Apple seems to have accomplished a good measure of what I
describe above with "dotMac" accounts that include WebDAV access via
what it calls an "iDisk." However, the techniques behind this are
not generally and perhaps not even publicly, available.
I would like to extend this kind of functionality to the thousands of
students and hundreds of faculty at my university but apparently
cannot due to the unavailability of critical information n the
techniques employed. Being able to drop support for FTP would
certainly make our networking a security folks happy. Being able to
supplant FTP with WebDAV would likely be viewed as progress by our
clients. Unfortunately, it does not appear to be possible right
now.
Here, again, I hope to be shown the error of my thinking.
--
=====================================================================
Dr. Frank Lowney flowney@mail.gcsu.edu
Director, Electronic Instructional Services, a unit of the
Office of Information and Instructional Technology,
Professional Pages: http://www.gcsu.edu/oiit/eis/
Personal Pages: http://www.faculty.de.gcsu.edu/~flowney
Voice: (478) 445-5260
=====================================================================
We don't make instruction effective, we make effective instruction
more accessible.
Received on Sunday, 29 June 2003 08:47:24 UTC