From owner-freebsd-current@freebsd.org Thu Sep 17 17:07:38 2020 Return-Path: Delivered-To: freebsd-current@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5B1DD3E73DD for ; Thu, 17 Sep 2020 17:07:38 +0000 (UTC) (envelope-from sgk@troutmask.apl.washington.edu) Received: from troutmask.apl.washington.edu (troutmask.apl.washington.edu [128.95.76.21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "troutmask", Issuer "troutmask" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Bsk153dyfz4JWJ; Thu, 17 Sep 2020 17:07:37 +0000 (UTC) (envelope-from sgk@troutmask.apl.washington.edu) Received: from troutmask.apl.washington.edu (localhost [127.0.0.1]) by troutmask.apl.washington.edu (8.16.1/8.16.1) with ESMTPS id 08HH7SO6035851 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Thu, 17 Sep 2020 10:07:28 -0700 (PDT) (envelope-from sgk@troutmask.apl.washington.edu) Received: (from sgk@localhost) by troutmask.apl.washington.edu (8.16.1/8.16.1/Submit) id 08HH7S0b035850; Thu, 17 Sep 2020 10:07:28 -0700 (PDT) (envelope-from sgk) Date: Thu, 17 Sep 2020 10:07:28 -0700 From: Steve Kargl To: Ian Lepore Cc: Gleb Popov , Cy Schubert , Ed Maste , FreeBSD Current Subject: Re: Deprecating ftpd in the FreeBSD base system? Message-ID: <20200917170728.GA35842@troutmask.apl.washington.edu> References: <202009171404.08HE4fZj007939@slippy.cwsent.com> <4d2c3d9dd633ed9a264cf3675dcbb4386f11ada3.camel@freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4d2c3d9dd633ed9a264cf3675dcbb4386f11ada3.camel@freebsd.org> X-Rspamd-Queue-Id: 4Bsk153dyfz4JWJ X-Spamd-Bar: / X-Spamd-Result: default: False [0.44 / 15.00]; SUBJECT_ENDS_QUESTION(1.00)[]; ARC_NA(0.00)[]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; MIME_GOOD(-0.10)[text/plain]; NEURAL_HAM_LONG(-0.55)[-0.546]; NEURAL_SPAM_MEDIUM(0.02)[0.021]; RCPT_COUNT_FIVE(0.00)[5]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; NEURAL_HAM_SHORT(-0.04)[-0.040]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:73, ipnet:128.95.0.0/16, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-current]; DMARC_POLICY_SOFTFAIL(0.10)[washington.edu : No valid SPF, No valid DKIM, none] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Sep 2020 17:07:38 -0000 On Thu, Sep 17, 2020 at 09:01:57AM -0600, Ian Lepore wrote: > On Thu, 2020-09-17 at 18:43 +0400, Gleb Popov wrote: > > On Thu, Sep 17, 2020 at 6:05 PM Cy Schubert < > > Cy.Schubert@cschubert.com> > > wrote: > > > > > I've been advocating removing FTP (and HTTP) from libfetch as well. > > > People > > > should be using HTTPS only. > > > > > > > Isn't this a bit too much? I often find myself in need to download > > something starting with "http://" or "ftp://" and use fetch for this. > > > > Indeed, we have products which rely on this ability in libfetch and we > have to keep supporting them for many many years to come. > > I hate it when someone imperiously declares [For security reasons] > "People should/shouldn't be using ______". You have no idea what the > context is, and thus no ability to declare what should or shouldn't be > used in that context. For example, two embedded systems talking to > each other over a point to point link within a sealed device are not > concerned about man in the middle attacks or other modern internet > threats. > +1 My small FreeBSD-based HPC cluster is deattached from the internet. -- Steve