[Tools-discuss] Re: [EXTERNAL] Re: Re: Fwd: Brief outage for the RPC infrastructure tomorrow (15May)

John C Klensin <john-ietf@jck.com> Thu, 16 May 2024 21:41 UTC

Return-Path: <john-ietf@jck.com>
X-Original-To: tools-discuss@ietfa.amsl.com
Delivered-To: tools-discuss@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 5C9AFC169421 for <tools-discuss@ietfa.amsl.com>; Thu, 16 May 2024 14:41:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 1arbL40UBbSY for <tools-discuss@ietfa.amsl.com>; Thu, 16 May 2024 14:41:36 -0700 (PDT)
Received: from bsa2.jck.com (bsa2.jck.com []) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BF1C5C16943E for <tools-discuss@ietf.org>; Thu, 16 May 2024 14:41:36 -0700 (PDT)
Received: from [] (helo=PSB) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <john-ietf@jck.com>) id 1s7iqm-0004Tx-3N; Thu, 16 May 2024 17:41:20 -0400
Date: Thu, 16 May 2024 17:41:13 -0400
From: John C Klensin <john-ietf@jck.com>
To: Eric Rescorla <ekr@rtfm.com>, Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <1FAA25DF371CCB1EC1A01EBD@PSB>
In-Reply-To: <CABcZeBOiTk0hw=UoSUGnhaHh7=_NwvfdyboNyw_1s1bpy6oo1w@mail.gmail.com>
References: <8dac60d8-6845-47aa-83c5-c113c30b6000@nostrum.com> <7f20db7c-fbd6-4b94-a7fd-07805b0d69e0@nostrum.com> <CF619D24477ABD0762BAC91D@PSB> <debba2c7-7fd5-467c-9734-0c0dca34ed42@nostrum.com> <A3865504-5F56-41DB-84A4-677A79101A50@comcast.com> <cd5573ae-4aff-46f3-b51f-5b466b372393@nostrum.com> <0ACDF645-F5FD-46D7-8BC9-CC4299662351@comcast.com> <1191a1d4-7011-490d-b02e-1f7c6cb21136@amsl.com> <169a5c1f-fff4-43bc-8474-3922b98c5dff@gmail.com> <CABcZeBOiTk0hw=UoSUGnhaHh7=_NwvfdyboNyw_1s1bpy6oo1w@mail.gmail.com>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
X-SA-Exim-Mail-From: john-ietf@jck.com
X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false
X-MailFrom: john-ietf@jck.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tools-discuss.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Robert Sparks <rjsparks@nostrum.com>, tools-discuss <tools-discuss@ietf.org>, Jay Daley <jay@staff.ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Tools-discuss] Re: [EXTERNAL] Re: Re: Fwd: Brief outage for the RPC infrastructure tomorrow (15May)
List-Id: IETF Tools Discussion <tools-discuss.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tools-discuss/trGWoe3nZUAqNlyNvId56kdFMJQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tools-discuss>
List-Help: <mailto:tools-discuss-request@ietf.org?subject=help>
List-Owner: <mailto:tools-discuss-owner@ietf.org>
List-Post: <mailto:tools-discuss@ietf.org>
List-Subscribe: <mailto:tools-discuss-join@ietf.org>
List-Unsubscribe: <mailto:tools-discuss-leave@ietf.org>

--On Thursday, May 16, 2024 14:00 -0700 Eric Rescorla <ekr@rtfm.com>

> On Thu, May 16, 2024 at 1:34 PM Brian E Carpenter <
> brian.e.carpenter@gmail.com> wrote:
>> On 17-May-24 05:53, Jean Mahoney wrote:
>> > Hi all,
>> > 
>> > On 5/16/24 12:24 PM, Livingood, Jason wrote:
>> >>>> I thought the IETF stopped supporting FTP interfaces to IETF
>> >>>> content
>> a few years ago?
>> >>> The IETF did, yes - see RFC 9141.
>> >>> The RFC Editor has not made a similar change.
>> >> 
>> >> No time like the present to align the RFCE site then! ;-)
>> > 
>> > [JM] The RPC is not currently planning to turn off FTP. We would
>> > seek more community feedback before making such a decision.
>> Turning it off if people use it would be performative, and nothing
>> to do with security.
> I don't particularly care whether the RPC chooses to publish
> documents via FTP [0], but this statement is not correct.
> Retrieving the documents over HTTPS provides both:
> 1. Confidentiality of which document is retrieved.
> 2. Integrity of the document contents (to the level that this is
> what the server currently believes).
> FTP provides neither of these.

For the first, presumably, those using FTP either understand the
issue and are not concerned about keeping that information
confidential or are willing to trade the privacy for convenience.  If
"we" believe that "they" should not feel that way, the solution is an
educational project, not shutting down FTP.

If we are concerned about the second, it would probably be
appropriate to start publishing (and publicizing) verifiable document
signatures that are established by the RPC.  Such a mechanism would
avoid questions about how much one should trust one's friendly cloud
provider and would presumably provide an integrity test on documents
no matter how or from where they are retrieved.