On 11/17/20 9:51 AM, Roman Danyliw wrote:
Hi Ned! Thanks for the feedback.-----Original Message----- From: ietf <ietf-bounces@xxxxxxxx> On Behalf Of ned+ietf@xxxxxxxxxxxxxxxxx Sent: Tuesday, November 17, 2020 9:02 AM To: ietf@xxxxxxxx Cc: Keith Moore <moore@xxxxxxxxxxxxxxxxxxxx> Subject: Re: Call for Community Feedback: Retiring IETF FTP Service The discussion of FTP service retirement has actually been surprisinginly informative. Things I've learned include: (1) The IETF no longer provides HTTP access, leaving FTP as the only access mechanism that doesn't require a crypto layer. With FTP gone, crypto becomes a requirement for access.Could you help me better understand which way your concern leans. Let's abstract away HTTP and FTP, and just consider a communications channel. Do you have a use case where access to IETF artifacts need to happen over unencrypted channels (i.e., getting the same artifacts over an encrypted channels breaks the use case)? Put via analogy, if you always get something via postcard (in the clear), but got it in an envelope (encrypted) instead, it break something. Or are you stating a philosophical position on not providing channel security?
Crypto channels are all well and good. I just do not see the arguement to REQUIRE them for open documents like IETF rfcs and drafts. The OPTION if someone is concerned that their retrieval needs protection, OK, but a MUST?
I just don't see it.
