[tz] Data loss on FTP Server
Paul.Koning at dell.com
Paul.Koning at dell.com
Wed Oct 25 00:10:14 UTC 2017
> On Oct 24, 2017, at 4:38 PM, Paul Eggert <eggert at cs.ucla.edu> wrote:
>
> On 10/24/2017 12:38 PM, Kim Davies wrote:
>> Please try again now, it should be resolved.
> Thanks for fixing that.
>
> I no longer recommend FTP to get tzdb. FTP has trouble with firewalls, does not support caching or accelerators, has an aging software base, and has real problems with man-in-the-middle attacks. Although we don't have immediate plans to remove the FTP servers, anybody who's currently using them should put "switch to HTTPS for tzdb access" on their to-do list, as I expect the FTP servers will be on their way out sooner or later.
FTP works fine with firewalls, if the firewall software is any good. And as others pointed out, FTP does more than simply retrieve files the way HTTP does.
If you want to consider something else that is functionally comparable with FTP, that's fine. Does SFTP? I don't really know it. But HTTP isn't a functional replacement for FTP at all.
As for man in the middle attacks, that's what data signatures are for. No worries about the protocols if the data is authenticated.
paul
More information about the tz
mailing list