Ned,
On 11/17/20 9:01 AM, ned+ietf@xxxxxxxxxxxxxxxxx wrote:
The discussion of FTP service retirement has actually been surprisinginly
informative. Things I've learned include:
(1) The IETF no longer provides HTTP access, leaving FTP as the only
access mechanism that doesn't require a crypto layer. With FTP gone,
crypto becomes a requirement for access.
I do not use crypto with rsync.
(2) Some people believe implementation of an FTP client is difficult,
more difficult than implementing HTTPS.
(3) There is concern over the attack surface of an FTP server, but in
practically the same breath (message) people are considering getting
back some functionality by deploying WebDAV.
I mention (2) and (3) because I always find it interesting how people weigh
various tradeoffs.
For me the decider is (1). I don't like FTP all that much, but if it's
the only remaining access mechanism that doesn't call for crypto, I like
losing it a whole lot less.
Let's please keep the FTP servers going.
Ned
