No More FTP At Debian (debian.org) 24
New submitter Gary Perkins writes: It looks like anonymous FTP is officially on its way out. While many public repositories have deprecated it in favor of HTTP, I was rather surprised to see Debian completely drop it on their public site. In a blog post, the team cited the FTP's lack of support for caching or acceleration, and declining usage as some of the reasons for their decision.
Thank goodness, FTP needs to die in a fire. Everyone should be using SCP/SFTP nowadays anyways.
Or https/http, for simply fetching files.
Correct, FTP was never intended to transport files.
HTTP is faster to connect (Score:4, Informative)
Every time I used FTP in my sources.list, it was slower to connect. The whole apt-get update process could therefore be twice as long on FTP, compared to HTTP. Even though I guess once connected, the file transfer protocol should be more efficient.
Even though I guess once connected, the file transfer protocol should be more efficient.
There are huge differences between FTP servers in terms of their delivery.
But today's Apache delivers static files extremely fast, by telling the kernel to move a file data onto the network card, so the data are never actually moved to the application. That's fast, and you can still play proxying, cache-freshness and other HTTP tricks on top of this.
Just put some memory on the server and sure the files will be cached by the OS in memory in the buffer/cache area.
uucp now deprecated by ftp.
I was pretty excited by the title - thought maybe there would be a wholesale move to HTTPS, given that it's 2017 and all.
Signed packages are great, but everything should be working towards being pro-privacy and MitM-resistant by this point. Leaking metadata is so 2014.
Compatibility, for one. If you want to support downloads from very old systems, then that HTTPS has to use insecure encryption anyway and one IP address per hostname.
If there's one place where you'd want to allow old systems to connect, it's for downloading system updates.
The "lack of caching and acceleration" may be one of the reasons to stay with HTTP.
HTTPS proxy support is very limited by design (because a proxy is a man-in-the-middle). And a caching HTTP proxy is really great for public repositories.
Also, HTTPS is supported in the client, it is just that most servers are HTTP-only.
...and nothing of value was lost.
FTP has been obsolescent ever since NAT became widespread. HTTP passes through NAT with ease since only one TCP connection is established by the client to the server. The FTP way of using two separate connections for commands and data, and making the server connect back to the client, was always problematic. Passive mode FTP, in which the client establishes both connections, was always a lousy kludge to fix a fundamental incompatibility with NAT.
FTP was an established enough protocol that most NATs added specific support for it.
