Date: Mon, 5 Apr 2021 14:10:09 +0200 From: Ruben van Staveren <ruben@verweg.com> To: freebsd-stable stable <freebsd-stable@freebsd.org> Subject: Re: Deprecating base system ftpd? Message-ID: <38DE0531-1572-43DD-BA53-ECB3EF52FA3F@verweg.com> In-Reply-To: <CAPyFy2AbP2X339zbemZ9Y8edjNKdyygnR9mH48Q78nxwDtOBAg@mail.gmail.com> References: <CAPyFy2AbP2X339zbemZ9Y8edjNKdyygnR9mH48Q78nxwDtOBAg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_5BCF84FF-F2D6-487C-9A6D-C2A114E353E7 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On 3 Apr 2021, at 22:39, Ed Maste <emaste@freebsd.org> wrote: >=20 > I propose deprecating the ftpd currently included in the base system > before FreeBSD 14, and opened review D26447 > (https://reviews.freebsd.org/D26447) to add a notice to the man page. > I had originally planned to try to do this before 13.0, but it dropped > off my list. FTP is not nearly as relevant now as it once was, and it > had a security vulnerability that secteam had to address. >=20 > I'm happy to make a port for it if anyone needs it. Comments? Make it a port It is time to deprecate ftp altogether, and any other protocols that = embed protocol information in layer 7, thus hurting any #IPv6 migration = and deployment technology (SIIT-DC e.g). Hopefully the IETF can put up a deprecation notice, just as was done for = e.g. TLS 1.0. Then we move onward to the self regulating capacity of the community, = warning each other on =E2=80=9Cyou have ftp=E2=80=9D running. ftp, a protocol not using TLS protection but by adding it a netadmin = needs to manage the port range in their firewalls too because clients = behind nat can=E2=80=99t use passive mode with TLS as NAT can=E2=80=99t = map things around =C2=AF\_(=E3=83=84)_/=C2=AF It is not worth the time and the hassle. Keep FTP(s) for legacy and = internal, serve anyone else with https Best Regards, Ruben --Apple-Mail=_5BCF84FF-F2D6-487C-9A6D-C2A114E353E7 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP -----BEGIN PGP SIGNATURE----- iQIzBAEBAgAdFiEEJ5YXTZtFY5bgSLwXiG9r7NR3qT8FAmBq/iEACgkQiG9r7NR3 qT8OdA//bLLHtBxR3uNLa4Mzy9Dx9NVXEZuPJPvuqYusOuto15nOwHBSLAOEzFVM +vOzxwDl8/Z54o2sDPwSHBowbwHuSR3sNBAWQM9jpeM9VEnYRVIR4wiAxiWO9CyB 7sYtQkHd7eZ7gsxWUjcezWq2u6ct28Nx5bXFJfJcKH6Z9Dp3XTK/vT/xII3qIUaU oLykDRw1fCkVLbqL76l8SPh9npDYahNelsuyCr5iGPhEMABC/sI4YA8d7lKv+B7W wU/4I+8zAebLsVotQjI9Ppf+x+omrTVjUi9ZCCPzbmXhQw6qUGoKexD2KRuPcIQp ChVXBzGOtY/oNVyRze/SqsT8mYjrSQ3M8swdbutkX1N1U5W+Fi6DBSNnX959pPgc u9ePYeZXprHbmmVHf57mVnU9v3g4FeCiov2rS977j6XG+xXg4KD5KzyLcYV6pl59 DJn8Qp8k1reM/Mea9WbCmG4HKv/MDZqOFuF/xPUMs+rOYTuQeL6lrSNkHJS5ADAO xeOz4zHvpuuxbroIJktahLiUNbKHdQItNcsg3nScLwXQ4JnX4VjavxGj6mx2aMAA mqzBdAc+/0y1ImYDT0tCiJxcGwskv8ymQx4ILbTMbb3IgryxMx6XjjLgYkeIhZhy wj9qakaHFSaHXzV80GKeioVf4b9KeFTrOLEA6u4obyhTBXUxxXE= =dXRj -----END PGP SIGNATURE----- --Apple-Mail=_5BCF84FF-F2D6-487C-9A6D-C2A114E353E7--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38DE0531-1572-43DD-BA53-ECB3EF52FA3F>