FTP is 50 years old

The 16th of April 1971 is not only the date when the Rolling Stone first released Brown Sugar, it is also marked with the publication of RFC 114 marking the birthday of FTP.

Back in those days, the Vietnam war is at the forefront of the news, TCP/IP didn’t exist yet, Jimi Hendrix died 6 months ago, telnet was the new cool kid and some of the most influential rock n roll artists were about to release masterpieces while FTP was using a network protocol called NCP.

Over the years, the FTP protocol got refined with 16 different revisions(*1) adding support with TCP/IP, a secure extension also known as FTPS which is leveraging the same tech as HTTPS and more recent addition like IPv6 support.

Fifty years after its inception, FTP is still going very strong with millions of FTP server still being exposed on the internet which is fairly amazing considering the bad press it gets from so many people and companies like Dropbox writing on how bad FTP is conflating the protocol to a full-fledge product. Not to mention the closest thing they got to the FTP protocol is their far less shinny proprietary API that is only usable if Dropbox is kind enough to grant you a key.

In 2021, what seems to be acknowledged as progress take the form of proprietary protocols made behind closed doors and without any RFC whatsoever. Instead, vendors wanting to create competing servers are left reverse engineering SDKs as how Minio did with S3.

Also, how could we touch the topic of FTP without pointing at the most infamous comment on hacker news which has been a major inspiration source when creating Filestash. Indeed, I believe it shouldn’t matter which protocol the tool my mum uses my mum’s tool is using, as soon as this tool is easy to use, she can transfer those photos she wants to share, open up videos and do all the other things that shouldn’t require her to know about a protocol as our job as engineers is to abstract away all those complicated stuff so that by the magics of abstraction, someone accessing their bank account from the comfort of their browser isn’t expected to pick a cipher when negotiating SSL.

(*1) FTP over the years: