Warning: mysqli::__construct(): (HY000/1203): User howardkn already has more than 'max_user_connections' active connections in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\includes\artfuncs.php on line 21
Failed to connect to MySQL: (1203) User howardkn already has more than 'max_user_connections' active connections
Warning: mysqli::query(): Couldn't fetch mysqli in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\index.php on line 66
Article <vd6ips$ou6o$1@dont-email.me>
Deutsch   English   Français   Italiano  
<vd6ips$ou6o$1@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article

Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Marco Moock <mm+usenet-es@dorfdsl.de>
Newsgroups: news.admin.hierarchies,news.software.nntp
Subject: Re: ISC will likely be shutting down FTP access to ftp.isc.org soon
 (https will remain)
Date: Fri, 27 Sep 2024 17:25:47 +0200
Organization: A noiseless patient Spider
Lines: 59
Message-ID: <vd6ips$ou6o$1@dont-email.me>
References: <1f19a554-8a81-ce8c-8ac6-7ab1e053a632@isc.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Date: Fri, 27 Sep 2024 17:25:48 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="24e1c1b174f260931f1c6d5c13122b6b";
	logging-data="817368"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1/BYmjcuywg61ZLtVrtL46V"
Cancel-Lock: sha1:1YUB/lEiP9JizsxTmqYJyIm2TZs=
Bytes: 3378

On 26.09.2024 um 22:17 Uhr Dan Mahoney wrote:

> However, as ISC also offers support contracts for BIND and Kea, and
> those customers have their own due diligence policies, we are often
> subject to scrutiny and audits about how our network runs, and even
> for a venerable URL
> like ftp.isc.org, we get questions from auditors like "did you know
> you have a public FTP server on your network!  Why!?"

Why is that a problem for your customers?
FTP is unencrypted, but the stuff on the ftp server is public.
I know that some people hate this protocol and want everybody to use
HTTPS, but HTTPS has some vast disadvantages compared to FTP.

> We also no longer live in the world where a copy of curl/wget that 
> supports modern ciphers is not available everywhere.

ftp supports a standardized directory listing. HTTP doesn't. One big
reason for not using HTTP.

> Ergo, it seems to be a simple enough matter to tell people who fetch 
> those usenet control files via anonymous FTP to simply switch to
> HTTPS. As a benefit, this also allows us to use the CDN provider we
> already use for downloads.isc.org.

Is there that much traffic that a CDN is needed?
I like the distributed concept of the internet and I see a big
disadvantage in sourcing that out to only a small amount of CDN
operators.

> We do not have a specific date yet (this depends on specific feedback
> from the community), but on the order of a month or two sounds
> reasonable.

This will most likely break many usenet servers because I don't think
every newsmaster will have a look at such stuff that often.

> If any software, such as INN, ships with the "ftp"
> protocol baked-in, this gives enough time for people to put out new
> releases and docs that point at the change, or at least add the
> change to their README's, and the like.

Might be true, but be aware that most systems run on operating systems
that don't always have the latest upstream packages. Systems like
Debian have package versions that are sometimes older than 1 or 2 years
with security backports.

> If there are objections or considerations, please feel free to reply
> here or contact me directly.

I don't see a real reason to shut down the ftp server. If some of your
customers don't like the FTP protocol, they don't need to use it.

-- 
kind regards
Marco

Send spam to 1727381856muell@cartoonies.org