Date: Mon, 5 Apr 2021 14:10:09 +0200 From: Ruben van Staveren <ruben@verweg.com> To: freebsd-stable stable <freebsd-stable@freebsd.org> Subject: Re: Deprecating base system ftpd? Message-ID: <38DE0531-1572-43DD-BA53-ECB3EF52FA3F@verweg.com> In-Reply-To: <CAPyFy2AbP2X339zbemZ9Y8edjNKdyygnR9mH48Q78nxwDtOBAg@mail.gmail.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] > On 3 Apr 2021, at 22:39, Ed Maste <emaste@freebsd.org> wrote: > > I propose deprecating the ftpd currently included in the base system > before FreeBSD 14, and opened review D26447 > (https://reviews.freebsd.org/D26447) to add a notice to the man page. > I had originally planned to try to do this before 13.0, but it dropped > off my list. FTP is not nearly as relevant now as it once was, and it > had a security vulnerability that secteam had to address. > > I'm happy to make a port for it if anyone needs it. Comments? Make it a port It is time to deprecate ftp altogether, and any other protocols that embed protocol information in layer 7, thus hurting any #IPv6 migration and deployment technology (SIIT-DC e.g). Hopefully the IETF can put up a deprecation notice, just as was done for e.g. TLS 1.0. Then we move onward to the self regulating capacity of the community, warning each other on “you have ftp” running. ftp, a protocol not using TLS protection but by adding it a netadmin needs to manage the port range in their firewalls too because clients behind nat can’t use passive mode with TLS as NAT can’t map things around ¯\_(ツ)_/¯ It is not worth the time and the hassle. Keep FTP(s) for legacy and internal, serve anyone else with https Best Regards, Ruben [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- iQIzBAEBAgAdFiEEJ5YXTZtFY5bgSLwXiG9r7NR3qT8FAmBq/iEACgkQiG9r7NR3 qT8OdA//bLLHtBxR3uNLa4Mzy9Dx9NVXEZuPJPvuqYusOuto15nOwHBSLAOEzFVM +vOzxwDl8/Z54o2sDPwSHBowbwHuSR3sNBAWQM9jpeM9VEnYRVIR4wiAxiWO9CyB 7sYtQkHd7eZ7gsxWUjcezWq2u6ct28Nx5bXFJfJcKH6Z9Dp3XTK/vT/xII3qIUaU oLykDRw1fCkVLbqL76l8SPh9npDYahNelsuyCr5iGPhEMABC/sI4YA8d7lKv+B7W wU/4I+8zAebLsVotQjI9Ppf+x+omrTVjUi9ZCCPzbmXhQw6qUGoKexD2KRuPcIQp ChVXBzGOtY/oNVyRze/SqsT8mYjrSQ3M8swdbutkX1N1U5W+Fi6DBSNnX959pPgc u9ePYeZXprHbmmVHf57mVnU9v3g4FeCiov2rS977j6XG+xXg4KD5KzyLcYV6pl59 DJn8Qp8k1reM/Mea9WbCmG4HKv/MDZqOFuF/xPUMs+rOYTuQeL6lrSNkHJS5ADAO xeOz4zHvpuuxbroIJktahLiUNbKHdQItNcsg3nScLwXQ4JnX4VjavxGj6mx2aMAA mqzBdAc+/0y1ImYDT0tCiJxcGwskv8ymQx4ILbTMbb3IgryxMx6XjjLgYkeIhZhy wj9qakaHFSaHXzV80GKeioVf4b9KeFTrOLEA6u4obyhTBXUxxXE= =dXRj -----END PGP SIGNATURE-----help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38DE0531-1572-43DD-BA53-ECB3EF52FA3F>