- From: Eric J. Bowman <eric@bisonsystems.net>
- Date: Wed, 21 Jan 2015 15:27:12 -0700
- To: Noah Mendelsohn <nrm@arcanedomain.com>
- Cc: Domenic Denicola <d@domenic.me>, "chaals@yandex-team.ru" <chaals@yandex-team.ru>, Daniel Appelquist <appelquist@gmail.com>, TAG List <www-tag@w3.org>
Noah Mendelsohn wrote: > > FWIW: integrating FTP content into the Web was one of the original > goals that Tim set for URIs and the Web: > > "By Universal I mean that the web is declared to be able to contain > in principle every bit of information accessible by networks. It was > designed to be able to include existing information systems such as > FTP, and to be able simply in the future to be extendable to include > any new information system. " > > The TAG also has historically kept an eye on the degree to which > widely used implementations (think IE, Firefox, Apache, IIS, etc.) > implemented Web standards. ftp-scheme URIs are such a standard and > Chrome is obviously widely-deployed. > Thank you. > > > If you would like to suggest the TAG issue a finding on FTP’s place > > int he web then please submit some ideas on this topic (under a new > > subject header). > > I agree, that's the right way to frame the question. Whether this is > worth the TAG's attention right now I'm not sure, but I believe it's > in scope and very much in the spirit of issues the TAG has in the > past chosen to pursue. I've changed the subject line :-). > OK, my way of bringing up a topic leaves something to be desired. Sorry 'bout that, everyone. I'm trying to be less wordy, and thought I was pointing out something of obvious relevance to this Finding, since I thought FTP support being part of the Web architecture went without saying. Domenic Denicola wrote: > > > > > How is Chrome's FTP support not working on certain peoples > > computers (but working on others) relevant to "moving the web to > > only accept material over encrypted connections"? > > > The last time one browser had lackluster support for a longstanding feature, it was removed, along with native-mode XSLT from my toolbox of cross-browser solutions (without a plugin) whether or not other browsers followed suit. Which is relevant to my asking about the status of FTP support -- I don't attend the meetings nor do I get all the memos, so I don't know if deprecating FTP support has been discussed. Having support for FTP disappear from Chrome for me after taking years to appear in the first place (acknowledged bug nobody was in a hurry to fix), seems like an executive decision. Because that's easier to believe, than it is to believe Google doesn't do regression testing and isn't aware of the problem before any bug is reported. So obviously they don't care, but that leaves me to wonder why not -- is it because ftp:// is no longer considered part of the Web? Seems pertinent to ask this question nowadays, because I really don't know what definition of "Web" is operative anymore. Daniel Appelquist wrote: > > I agree. IMO this is a rat hole. The https draft is about encrypted > http. > Is that what we're calling it? I thought it was called "Securing the Web". Either way, we *are* talking about wholesale change to the Web architecture. What I'm trying to figure out, is whether deprecating FTP is an unintended side effect, a browser bug, part of that plan, or what. Which hadn't occurred to me until I tried following an ftp:// link to an RFC posted in this very thread. But I had wondered when I read the document, why FTP wasn't mentioned. I assumed follow the HTTP example, i.e. use the sftp:// URI scheme. Now I'm not so sure the Web isn't assumed to mean HTTP(S), WS, etc. but not FTP. The reason I brought it up in this thread, is I believe the TAG *should* consider FTP in these discussions, if it hasn't already. Not some other document later in time saying "Oh by the way, about FTP..." As I can't think of any other protocol which browsers might handle which also has two URI schemes based on TLS / no TLS, I can't help but think the Finding should discuss transitioning both HTTP and FTP, if my assumption of using sftp:// is wrong. Or is it ftps://? One sentence of guidance would help, unless that would be an endorsement of FTP the TAG is trying to avoid for some reason? Or mention that FTP is no longer considered part of the Web, maybe with a reference to that decision as I'm unaware of it. But I don't see how FTP falls beyond the scope of transitioning the web to have greater privacy/confidentiality, ftp:// is a common-enough unencrypted URI scheme Web users may encounter. Some mention of FTP in *this* finding is, IMO, warranted. -Eric
Received on Wednesday, 21 January 2015 22:27:56 UTC