On 9/17/20 12:49 PM, John-Mark Gurney wrote: > Ian Lepore wrote this message on Thu, Sep 17, 2020 at 09:01 -0600: >> On Thu, 2020-09-17 at 18:43 +0400, Gleb Popov wrote: >>> On Thu, Sep 17, 2020 at 6:05 PM Cy Schubert < >>> Cy.Schubert_at_cschubert.com> >>> wrote: >>> >>>> I've been advocating removing FTP (and HTTP) from libfetch as well. >>>> People >>>> should be using HTTPS only. >>>> >>> Isn't this a bit too much? I often find myself in need to download >>> something starting with "http://" or "ftp://" and use fetch for this. >> Indeed, we have products which rely on this ability in libfetch and we >> have to keep supporting them for many many years to come. >> >> I hate it when someone imperiously declares [For security reasons] >> "People should/shouldn't be using ______". You have no idea what the >> context is, and thus no ability to declare what should or shouldn't be >> used in that context. For example, two embedded systems talking to >> each other over a point to point link within a sealed device are not >> concerned about man in the middle attacks or other modern internet >> threats. > And I really dislike when people want to make sure that their unique > case that less than a percent of people would every hit blocks the > security improvements for the majority of people... > > I've given up on a number of security improvements in FreeBSD because > of this attitude... > while i tend to agree with you here - i would say that in this case there is a very large use case where preservation of http is very important to a wide base of users: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html https://cloud.google.com/compute/docs/storing-retrieving-metadata https://docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service regarding the main topic tho - dropping ftpd from base seems like a good iteration in clearing out cruft from the code base so we can focus on things with much larger user bases. fortunately we have an excellent ports/pkg infrastructure to service this need if it arises. -pete -- Pete Wright pete_at_nomadlogic.org _at_nomadlogicLAReceived on Thu Sep 17 2020 - 17:58:31 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:25 UTC