From owner-freebsd-current@freebsd.org  Thu Sep 17 15:02:08 2020
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id E3A523E2F1A
 for <freebsd-current@mailman.nyi.freebsd.org>;
 Thu, 17 Sep 2020 15:02:08 +0000 (UTC) (envelope-from ian@freebsd.org)
Received: from outbound5a.ore.mailhop.org (outbound5a.ore.mailhop.org
 [44.233.67.66])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 4BsgDH42q2z45SB
 for <freebsd-current@freebsd.org>; Thu, 17 Sep 2020 15:02:07 +0000 (UTC)
 (envelope-from ian@freebsd.org)
ARC-Seal: i=1; a=rsa-sha256; t=1600354920; cv=none;
 d=outbound.mailhop.org; s=arc-outbound20181012;
 b=l7GSnRl9eAsqo5mmDdtwpw+T3qsNLUyjPb9+VB2X6Q7xpeDKRwm3wxGp90CDrwh44JQozqlY74piY
 WwS+Oo4yDUfMmU8lCuisMy6mscp8FUdagAVWqnJXXd4N5fZhlbLFiEsRS7WI+5kNoXtwrm5yafXmvJ
 enOtdG2pUfAhedu2tcpGG7xa3RHa5h/+ld44Gh6KX112SClzA+bDTq6bsGLKILvd4fxUZkZAnyoZVM
 9wsDBYmovWcJNOMIGz2cB25JpCqpkI/xW6nJjh2vTbpY7Jc1C/6TEsWNXzw2HjF+9BDbTicQcmAjkn
 jhm28AeyFFyUHZVV+zwv/AB0c8tDyrw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=outbound.mailhop.org; s=arc-outbound20181012;
 h=content-transfer-encoding:mime-version:content-type:references:in-reply-to:
 date:cc:to:from:subject:message-id:dkim-signature:from;
 bh=Crw/AzucLWMQRU7/q5k1j2FZGkxLFQAsjdlceQHyXV0=;
 b=SMJGCUzfN2/XkuUtu/oATxxJ1Shf6MFziqPeUqH4zZBnLdjgVjI8PqSLUfAXvhWwhQCpRTebYZMg4
 fjZlS/U30alGybMNnZfVdKrGne7eqMIX9rSC94BN/89DrD/7m3IBxC40hXXCRhjdUKpvdDebflc95m
 esdcMI1ipKoydctbojHOCpy0sFtuzygOkzq6TUKyZzpfYu1G/l4Zk5GAVmiia09/hF70RQaDmMWBkn
 xcSzCgeJspkb/TRUOtzZWMJBnQdISyef/L0Xy0AfrWq6AW0dngdVDf4R3Qw/wCKnrDJ4LK3aFLb6QH
 uO32R4unFveLsLgk1A8+9Q35IgLK1Nw==
ARC-Authentication-Results: i=1; outbound3.ore.mailhop.org;
 spf=softfail smtp.mailfrom=freebsd.org smtp.remote-ip=67.177.211.60;
 dmarc=none header.from=freebsd.org;
 arc=none header.oldest-pass=0;
X-MHO-RoutePath: aGlwcGll
X-MHO-User: bb736f2e-f8f6-11ea-8b38-614106969e8d
X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information
X-Originating-IP: 67.177.211.60
X-Mail-Handler: DuoCircle Outbound SMTP
Received: from ilsoft.org (c-67-177-211-60.hsd1.co.comcast.net [67.177.211.60])
 by outbound3.ore.mailhop.org (Halon) with ESMTPSA
 id bb736f2e-f8f6-11ea-8b38-614106969e8d;
 Thu, 17 Sep 2020 15:01:59 +0000 (UTC)
Received: from rev (rev [172.22.42.240])
 by ilsoft.org (8.15.2/8.15.2) with ESMTP id 08HF1v9s005668;
 Thu, 17 Sep 2020 09:01:57 -0600 (MDT) (envelope-from ian@freebsd.org)
Message-ID: <4d2c3d9dd633ed9a264cf3675dcbb4386f11ada3.camel@freebsd.org>
Subject: Re: Deprecating ftpd in the FreeBSD base system?
From: Ian Lepore <ian@freebsd.org>
To: Gleb Popov <arrowd@freebsd.org>, Cy Schubert <Cy.Schubert@cschubert.com>
Cc: Ed Maste <emaste@freebsd.org>, FreeBSD Current
 <freebsd-current@freebsd.org>
Date: Thu, 17 Sep 2020 09:01:57 -0600
In-Reply-To: <CALH631n=MEvoS+3qOo9nM6-VXYW85jVxv1ih1w=7kfW6E0feag@mail.gmail.com>
References: <CAPyFy2BHki84KuzP94AqTLk7v9FTAnLP-sa4HaFLq0kdxt0dEQ@mail.gmail.com>
 <202009171404.08HE4fZj007939@slippy.cwsent.com>
 <CALH631n=MEvoS+3qOo9nM6-VXYW85jVxv1ih1w=7kfW6E0feag@mail.gmail.com>
Content-Type: text/plain; charset="ASCII"
X-Mailer: Evolution 3.28.5 FreeBSD GNOME Team
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: 4BsgDH42q2z45SB
X-Spamd-Bar: /
X-Spamd-Result: default: False [0.00 / 15.00];
 ASN(0.00)[asn:16509, ipnet:44.224.0.0/11, country:US];
 local_wl_from(0.00)[freebsd.org]
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Sep 2020 15:02:08 -0000

On Thu, 2020-09-17 at 18:43 +0400, Gleb Popov wrote:
> On Thu, Sep 17, 2020 at 6:05 PM Cy Schubert <
> Cy.Schubert@cschubert.com>
> wrote:
> 
> > I've been advocating removing FTP (and HTTP) from libfetch as well.
> > People
> > should be using HTTPS only.
> > 
> 
> Isn't this a bit too much? I often find myself in need to download
> something starting with "http://" or "ftp://" and use fetch for this.
> 

Indeed, we have products which rely on this ability in libfetch and we
have to keep supporting them for many many years to come.

I hate it when someone imperiously declares [For security reasons]
"People should/shouldn't be using ______".  You have no idea what the
context is, and thus no ability to declare what should or shouldn't be
used in that context.  For example, two embedded systems talking to
each other over a point to point link within a sealed device are not
concerned about man in the middle attacks or other modern internet
threats.

-- Ian