Re: Call for Community Feedback: Retiring IETF FTP Service

Keith Moore <moore@network-heretics.com> Tue, 17 November 2020 15:45 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/j7GcU5rEtyIww0E8tl29zT985O0>

On 11/17/20 9:53 AM, Livingood, Jason wrote:

> Personal views - no hats.
>
> Time to retire the FTP service, just as other legacy protocols have been retired in the past. The IETF does not shy away from recommending that others encrypt everything, so we should take our own advice. As well, data clearly show there remains essentially no demand for FTP - users have adopted the HTTPS alternative.

I cannot say this often enough:   Traffic volume is not an indicator of
importance.

>
> More detailed rationale:
> - Clearly the market has moved on. It does not cross the cost/benefit threshold to continue maintaining a service for so few connections (that all appear to be scripted machine-to-machine).

There is not one "market".   FTP is a different service than the web,
with distinct advantages over the web.   And traffic volume is not an
indicator of importance.

> - FTP support has been removed from browser clients. As Mozilla wrote, "FTP is an insecure protocol and there are no reasons to prefer it over HTTPS for downloading resources."

I personally find that unfortunate, but support in browser clients is
not an indicator of FTP's utility either.   One reason to use FTP is
that browser clients are really poor tools for some kinds of file
transfer, especially if you want to transfer multiple files with minimum
human interaction.

> - It is not encrypted. The IETF & IAB have been aggressive in pushing for pervasive encryption [1] so it is illogical that we would not make such a change on our own information resources. Per the IAB, "The IAB now believes it is important for protocol designers, developers, and operators to make encryption the norm for Internet traffic."

"the norm" != "required".   I'd be happy to see a version of FTP that 
supports encrypted transmission as an option, as long as it were 
optional.   (Are those web browsers that are deprecating FTP also 
deprecating HTTP without TLS?)

And as Ned pointed out, there are still reasons to use unencrypted 
transmission on occasion.

Also, perhaps the IETF and IAB should be a bit less dogmatic, in light 
of experience.  I keep seeing situations in which deprecation of old TLS 
versions is breaking systems for which there is no browser that supports 
the new TLS versions.  IMO this does significant harm.   I realize some 
people believe in planned obsolescence, but I don't think they have a 
good case.

Keith