RE: Call for Community Feedback: Retiring IETF FTP Service

Roman Danyliw <rdd@cert.org> Fri, 13 November 2020 15:45 UTC

Return-Path: <rdd@cert.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C898C3A0E07 for <ietf@ietfa.amsl.com>; Fri, 13 Nov 2020 07:45:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ONQaZyQeyBw5 for <ietf@ietfa.amsl.com>; Fri, 13 Nov 2020 07:44:59 -0800 (PST)
Received: from veto.sei.cmu.edu (veto.sei.cmu.edu [147.72.252.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE8F03A0DFF for <ietf@ietf.org>; Fri, 13 Nov 2020 07:44:59 -0800 (PST)
Received: from delp.sei.cmu.edu (delp.sei.cmu.edu [10.64.21.31]) by veto.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id 0ADFiYgo004479; Fri, 13 Nov 2020 10:44:34 -0500
DKIM-Filter: OpenDKIM Filter v2.11.0 veto.sei.cmu.edu 0ADFiYgo004479
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=yc2bmwvrj62m; t=1605282275; bh=NtgFF/Jr2KybJOH+Qi1YL1K9VFNAQq0yfZG1WKeC5eY=; h=From:To:CC:Subject:Date:References:In-Reply-To:From; b=J1Ann8XwXptiE5pL8U/qJA2J0Nj5vIoDTJq/qKIJlTL10Jp/Iy1gizyqs54l/sWQi ip0TV6eaPmk+WptWm70Vjh2wwlfBTBsA/BWNwk8qxE7VP2hGAMJeYz50u3WttSe1pi 4ANFxYkuxF8CaL3AKUBBoJEkMxsmwWYEmYxNkaCI=
Received: from MURIEL.ad.sei.cmu.edu (muriel.ad.sei.cmu.edu [147.72.252.47]) by delp.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id 0ADFiUAi043340; Fri, 13 Nov 2020 10:44:30 -0500
Received: from MORRIS.ad.sei.cmu.edu (147.72.252.46) by MURIEL.ad.sei.cmu.edu (147.72.252.47) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2106.2; Fri, 13 Nov 2020 10:44:29 -0500
Received: from MORRIS.ad.sei.cmu.edu ([fe80::555b:9498:552e:d1bb]) by MORRIS.ad.sei.cmu.edu ([fe80::555b:9498:552e:d1bb%13]) with mapi id 15.01.2106.002; Fri, 13 Nov 2020 10:44:29 -0500
From: Roman Danyliw <rdd@cert.org>
To: Larry Masinter <LMM@acm.org>
CC: Toerless Eckert <tte@cs.fau.de>, "ietf@ietf.org" <ietf@ietf.org>
Subject: RE: Call for Community Feedback: Retiring IETF FTP Service
Thread-Topic: Call for Community Feedback: Retiring IETF FTP Service
Thread-Index: Ada3CD1BnAYFDyoMT8WUdvX4VBiWMQA1jFUAACeOSpAAGQ9XgAAFKS+g
Date: Fri, 13 Nov 2020 15:44:28 +0000
Message-ID: <2d35caafeba741d3842511d3b7242511@cert.org>
References: <af6ab231024c478bbd28bbec0f9c69c9@cert.org> <20201110225502.GA60333@faui48f.informatik.uni-erlangen.de> <d08945117193451596a4f3860113747e@cert.org> <CAKq15vcprxiKHLx_GD7oCp4hU-CA63xwTNMPu4omaSZF7OJ_eg@mail.gmail.com>
In-Reply-To: <CAKq15vcprxiKHLx_GD7oCp4hU-CA63xwTNMPu4omaSZF7OJ_eg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.64.203.59]
Content-Type: multipart/alternative; boundary="_000_2d35caafeba741d3842511d3b7242511certorg_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/_slYpA7EmYg839kEkg_jRYcoyhc>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Nov 2020 15:45:02 -0000

Hi Larry!

Per “~91 different users that's a lot”, I’d like to put that into perspective – this number means that 140 unique IP address used the FTP service.  In comparison, _only one_ of our HTTPS services exposing only a subset of this information saw on average ~654,430 unique addresses.  This makes FTP at best 0.02% of unique visitors (again, likely a lot less if full HTTPS logs were available).

I don’t mean to trivialize the visits of these 140 IPs (minus the 35 that came from a search engine looking for robots.txt), but let’s be clear, there is a very, very, very small population being served with FTP as measured by request volume (<0.2%) or unique visitors (<0.02%).  See [1] for details.  No access to information is being taken away.  As noted in [2], alternative means for access the same information is available.  Furthermore, analysis of the usage patterns [1] suggests that most of the requests (96-98%) are trying to sync parts of the FTP repo.  This style of access can be replicated with rsync.  Hence, not only is access preserved, but also possible without custom tooling.

Bottom line (for me) is that the data overwhelming shows that the community has moved to using other services.  This is why the Tools Team asked the IESG to pose the question to the community.

I fully recognize that there may be custom scripts among those IP addresses hitting FTP.  It isn’t clear how many, but it is no more than half of the 140 IP addresses [1].  Sunsetting FTP will break some code – those users will incur a penalty here.

To the community -- If you can’t or don’t have time to convert your FTP script; or need help configuring rsync, please reach out directly to me.  I, volunteer developers from my employer (Carnegie Mellon University’s Software Engineering Institute) or the Tools Team, within reason, will help you port your code or workflow, or answer questions about the services provided by the IETF infrastructure.

Lastly, I’ve been sharing all sorts of updated stats in response to questions.  I want to acknowledge and thank Glen Barney, Henrik Levkowetz, and Robert Sparks on the Tools Team who are pulling these numbers for us (found in [1] and [2]) and clarifying infrastructure details so we’re not speculating about hypotheticals.

Regards,
Roman

[1] https://docs.google.com/document/d/1JAXspeaMWFl8ML3hSezFSM0VsJsHI4uyDlQ2dHip8jo/edit#
[2] https://www.ietf.org/media/documents/Retiring_IETF_FTP_Service.pdf
[3] https://mailarchive.ietf.org/arch/msg/ietf/py_9b486x8x2io6d5dAb3FAgNng/




From: Larry Masinter <LMM@acm.org>
Sent: Thursday, November 12, 2020 12:45 AM
To: Roman Danyliw <rdd@cert.org>
Cc: Toerless Eckert <tte@cs.fau.de>; ietf@ietf.org
Subject: Re: Call for Community Feedback: Retiring IETF FTP Service

I read your data differently. If you have ~91 different users that's a lot.

[Roman] That is for the community to discuss.

Speaking personally, at first blush, perhaps 91 might seem like a lot.

We might have to agree to disagree on this.  On the face it, perhaps 91 is a lot,

I agree with the sentiment that you've spent more attention bandwidth trying to retire the service than it should take to run it a few more years.
Chrome had a 2-year plan
https://docs.google.com/document/d/1JUra5HnsbR_xmtQctkb2iVxRPuhPWhMB5M_zpbuGxTY/edit#heading=h.7bs9792ml0ln
to remove ftp from the browser by 2q 2021

  https://news.ycombinator.com/item?id=20721609
Anyway, cool url's don't change.


but c

[2]