From owner-freebsd-stable@freebsd.org  Mon Apr  5 15:57:34 2021
Return-Path: <owner-freebsd-stable@freebsd.org>
Delivered-To: freebsd-stable@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 93C6F5BD5EB
 for <freebsd-stable@mailman.nyi.freebsd.org>;
 Mon,  5 Apr 2021 15:57:34 +0000 (UTC) (envelope-from lev@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org
 [IPv6:2610:1c1:1:606c::24b:4])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4FDZzy3kWkz4lwB;
 Mon,  5 Apr 2021 15:57:34 +0000 (UTC) (envelope-from lev@FreeBSD.org)
Received: from onlyone.not-for.work (onlyone.not-for.work [148.251.9.81])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 (Authenticated sender: lev/mail)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 5360E24EB;
 Mon,  5 Apr 2021 15:57:34 +0000 (UTC) (envelope-from lev@FreeBSD.org)
Received: from [192.168.134.16] (unknown [94.19.224.8])
 (Authenticated sender: lev@serebryakov.spb.ru)
 by onlyone.not-for.work (Postfix) with ESMTPSA id 62B5D124C5;
 Mon,  5 Apr 2021 18:57:32 +0300 (MSK)
Reply-To: lev@FreeBSD.org
Subject: Re: Deprecating base system ftpd?
To: Cy Schubert <Cy.Schubert@cschubert.com>
Cc: freebsd-stable stable <freebsd-stable@freebsd.org>
References: <CAPyFy2AbP2X339zbemZ9Y8edjNKdyygnR9mH48Q78nxwDtOBAg@mail.gmail.com>
 <202104051444.135EixF6025306@slippy.cwsent.com>
From: Lev Serebryakov <lev@FreeBSD.org>
Organization: FreeBSD
Message-ID: <efc525eb-46d6-5b13-3cec-e00b80b7ec45@FreeBSD.org>
Date: Mon, 5 Apr 2021 18:57:31 +0300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
 Thunderbird/78.9.0
MIME-Version: 1.0
In-Reply-To: <202104051444.135EixF6025306@slippy.cwsent.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-stable>, 
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable/>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Apr 2021 15:57:34 -0000

On 05.04.2021 17:44, Cy Schubert wrote:

> - remove ftp:// and http:// from libfetch. This is 2021 and we should all
> use https://.
  Please, explain how to setup simple sever which allows upload and on-server file management with https ;-)

  I know letters "WebDAV", but I don't know any ftp-like client for it. And server is apache24, which is much more huge security target than simple ftpd.

  Even `sftp` is ugly.

> - replace DNS lookups with DoH and/or DoT. Why let your ISP see your DNS
> traffic?

  As soon as FreeBSD will include in *base* system DoH/DoT recursive server (as it includes unbound for simple DNS now). I don't understand why should I trust "centralized" DoH services.

  Do we want to import libnghttp2 to base for this?


-- 
// Lev Serebryakov