Hi Bob! > -----Original Message----- > From: Robert Moskowitz <rgm-ietf@xxxxxxxxxxxxxxx> > Sent: Tuesday, November 17, 2020 3:45 PM > To: Roman Danyliw <rdd@xxxxxxxx>; Jared Mauch <jared@xxxxxxxxxxxxxxx> > Cc: Keith Moore <moore@xxxxxxxxxxxxxxxxxxxx>; ietf@xxxxxxxx > Subject: Re: Call for Community Feedback: Retiring IETF FTP Service > > > > On 11/17/20 11:10 AM, Roman Danyliw wrote: > > Hi Jared! > > > >> -----Original Message----- > >> From: ietf <ietf-bounces@xxxxxxxx> On Behalf Of Jared Mauch > >> Sent: Tuesday, November 17, 2020 11:02 AM > >> To: Adam Roach <adam@xxxxxxxxxxx> > >> Cc: Keith Moore <moore@xxxxxxxxxxxxxxxxxxxx>; ietf@xxxxxxxx > >> Subject: Re: Call for Community Feedback: Retiring IETF FTP Service > >> > >> On Tue, Nov 17, 2020 at 09:57:34AM -0600, Adam Roach wrote: > >>> On 11/17/20 09:45, Keith Moore wrote: > >>>> Are those web browsers that are deprecating FTP also deprecating > >>>> HTTP without TLS? > >>> > >>> Yes. > >>> > >>> https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure- > >>> ht > >>> tp/ > >>> > >>> https://www.chromium.org/Home/chromium-security/marking-http-as- > non- > >> se > >>> cure > >> There's a difference between preferring https vs http and pulling > >> http support entirely. There's many devices that will never get > >> https, upgrades or certificates. > > I can see this point in the abstract. Can you help me in the specific -- what is > the expected configuration of device accessing IETF resources which is not > HTTPS capable? > > Old CPE firewalls that proxy the user request and cannot support http? But > with other services all moving to https, I suspect they are rapidly being > upgraded. So to clarify, the thinking is that these devices then are falling back to FTP since they haven't been able to use HTTP in 5 years? As noted in [1] and [2], the data doesn't seem to support this as FTP usage appears to be coming from fairly robust mature operations (based on IPs). Regards, Roman [1] https://mailarchive.ietf.org/arch/msg/ietf/b8BfvrcpLmvvjkhJ1MW8DUEzmQ8/ [2] https://mailarchive.ietf.org/arch/msg/ietf/py_9b486x8x2io6d5dAb3FAgNng/ Roman
