Re: Call for Community Feedback: Retiring IETF FTP Service

Adam Roach <adam@nostrum.com> Mon, 16 November 2020 22:15 UTC

Return-Path: <adam@nostrum.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A8E63A153D for <ietf@ietfa.amsl.com>; Mon, 16 Nov 2020 14:15:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.079
X-Spam-Level:
X-Spam-Status: No, score=-2.079 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nostrum.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id semvIw_10CLv for <ietf@ietfa.amsl.com>; Mon, 16 Nov 2020 14:15:51 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E7953A1539 for <ietf@ietf.org>; Mon, 16 Nov 2020 14:15:51 -0800 (PST)
Received: from Zephyrus.local (76-218-40-253.lightspeed.dllstx.sbcglobal.net [76.218.40.253]) (authenticated bits=0) by nostrum.com (8.16.1/8.16.1) with ESMTPSA id 0AGMFmUh085277 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Mon, 16 Nov 2020 16:15:49 -0600 (CST) (envelope-from adam@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1605564949; bh=ZKkthRy9To6ntxZeJi1Hws850NC6zg37YgT4xT49TiI=; h=Subject:To:References:From:Date:In-Reply-To; b=qIn3caGm2jbtwNezhW+toesnR98Io2vbfFcvktBP4cpf+6zC7hSnvlAsyrEoJfDET TaYR5OY6TJTGG1GgPAWK7LFIsAkFNQK8kyu/NNUlnPVoi2TdQQeRzkgaWCegOmCWyB wvSx6QaFK9YOScSaqOi+BwRpXq0ypSeOReHHhvKo=
X-Authentication-Warning: raven.nostrum.com: Host 76-218-40-253.lightspeed.dllstx.sbcglobal.net [76.218.40.253] claimed to be Zephyrus.local
Subject: Re: Call for Community Feedback: Retiring IETF FTP Service
To: Keith Moore <moore@network-heretics.com>, ietf@ietf.org
References: <af6ab231024c478bbd28bbec0f9c69c9@cert.org> <0D41F3FD-BA1F-4716-A165-4FE7529431A9@vigilsec.com> <D26DCBB6-3997-4A73-BB46-867B4FD79BD2@eggert.org> <27b80ed2-76fb-aee7-f22d-de56019e9aa9@nostrum.com> <a8bdd67a-13ea-4433-aa38-9cfd48ea28da@network-heretics.com>
From: Adam Roach <adam@nostrum.com>
Message-ID: <0e875497-9986-a0d9-8354-3eac26b7f882@nostrum.com>
Date: Mon, 16 Nov 2020 16:15:42 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:68.0) Gecko/20100101 Thunderbird/68.11.0
MIME-Version: 1.0
In-Reply-To: <a8bdd67a-13ea-4433-aa38-9cfd48ea28da@network-heretics.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/oH68nGeB3GH-MnnRlaQvea6rhcg>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Nov 2020 22:15:53 -0000

On 11/16/20 11:12, Keith Moore wrote:
> On 11/16/20 11:48 AM, Adam Roach wrote:
>
>> In the analysis, I think there are two costs to consider and one 
>> benefit. The benefit of leaving it online, of course, is that some 
>> small group of users still find utility in FTP.
>
> IMO that misstates the benefit.   A stable service can have a large 
> (and long-term) benefit even if only a few clients at a time use it.


Only read in a vacuum. If you read further, I argue for the stable 
interfaces you want. I believe that your objections (here and elsewhere) 
mentioning "user interface" conflate HTTP (transport) with HTML 
(markup), and mixing user interface into the RFCs isn't a foregone 
conclusion: the requirement you have of not mixing display in with 
documents is why I suggest that raw versions be made available. And I 
even argue for making the filesystem mountable like you requested, even 
if I consider that use case to be a bit baroque.

I'm sympathetic to the position that all change can be disruptive, and I 
understand that you know how FTP works and are comfortable with it. At 
the same time, I'm not yet seeing any requirements that you've put forth 
that can't be met pretty trivially with HTTP, other than an inferred 
bedrock requirement of "this must not change at all."

I get it. It's annoying when a technology we like falls by the wayside. 
But I think the costs I describe in my previous message are real, and 
the use cases described so far can be entirely met with HTTP. So I think 
a critical evaluation of the pros and cons points to retiring the 
service. YMMV, of course, but I encourage you to reflect a bit more on 
how much of your reaction is pushback on any change at all versus 
actually losing the ability to do what you want to do.

/a