What security risk does TFTP pose that isn't also shared by HTTP?
Not security of the protocol necessarily, but you will find that TFTP is filtered by a number of cable modem providers on the CPE side of the cable modem.
Not arguing if filtering/not filtering it is better, just thats one roadblock any provider will come across in trying to use TFTP.
sam