> On 3 Apr 2021, at 22:39, Ed Maste <ema...@freebsd.org> wrote: > > I propose deprecating the ftpd currently included in the base system > before FreeBSD 14, and opened review D26447 > (https://reviews.freebsd.org/D26447) to add a notice to the man page. > I had originally planned to try to do this before 13.0, but it dropped > off my list. FTP is not nearly as relevant now as it once was, and it > had a security vulnerability that secteam had to address. > > I'm happy to make a port for it if anyone needs it. Comments?
Make it a port
It is time to deprecate ftp altogether, and any other protocols that embed
protocol information in layer 7, thus hurting any #IPv6 migration and
deployment technology (SIIT-DC e.g).
Hopefully the IETF can put up a deprecation notice, just as was done for e.g.
TLS 1.0.
Then we move onward to the self regulating capacity of the community, warning
each other on “you have ftp” running.
ftp, a protocol not using TLS protection but by adding it a netadmin needs to
manage the port range in their firewalls too because clients behind nat can’t
use passive mode with TLS as NAT can’t map things around ¯\_(ツ)_/¯
It is not worth the time and the hassle. Keep FTP(s) for legacy and internal,
serve anyone else with https
Best Regards,
Ruben
signature.asc
Description: Message signed with OpenPGP
