Date: Thu, 17 Sep 2020 09:01:57 -0600 From: Ian Lepore <ian@freebsd.org> To: Gleb Popov <arrowd@freebsd.org>, Cy Schubert <Cy.Schubert@cschubert.com> Cc: Ed Maste <emaste@freebsd.org>, FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: Deprecating ftpd in the FreeBSD base system? Message-ID: <4d2c3d9dd633ed9a264cf3675dcbb4386f11ada3.camel@freebsd.org> In-Reply-To: <CALH631n=MEvoS%2B3qOo9nM6-VXYW85jVxv1ih1w=7kfW6E0feag@mail.gmail.com> References: <CAPyFy2BHki84KuzP94AqTLk7v9FTAnLP-sa4HaFLq0kdxt0dEQ@mail.gmail.com> <202009171404.08HE4fZj007939@slippy.cwsent.com> <CALH631n=MEvoS%2B3qOo9nM6-VXYW85jVxv1ih1w=7kfW6E0feag@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 2020-09-17 at 18:43 +0400, Gleb Popov wrote: > On Thu, Sep 17, 2020 at 6:05 PM Cy Schubert < > Cy.Schubert@cschubert.com> > wrote: > > > I've been advocating removing FTP (and HTTP) from libfetch as well. > > People > > should be using HTTPS only. > > > > Isn't this a bit too much? I often find myself in need to download > something starting with "http://" or "ftp://" and use fetch for this. > Indeed, we have products which rely on this ability in libfetch and we have to keep supporting them for many many years to come. I hate it when someone imperiously declares [For security reasons] "People should/shouldn't be using ______". You have no idea what the context is, and thus no ability to declare what should or shouldn't be used in that context. For example, two embedded systems talking to each other over a point to point link within a sealed device are not concerned about man in the middle attacks or other modern internet threats. -- Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4d2c3d9dd633ed9a264cf3675dcbb4386f11ada3.camel>