Article <vdaj84$1fa7h$2@dont-email.me>

Deutsch English Français Italiano
<vdaj84$1fa7h$2@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: ...!news.mixmin.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: vallor <vallor@cultnix.org>
Newsgroups: news.admin.hierarchies,news.software.nntp
Subject: Re: ISC will likely be shutting down FTP access to ftp.isc.org soon
 (https will remain)
Date: Sun, 29 Sep 2024 03:57:57 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 55
Message-ID: <vdaj84$1fa7h$2@dont-email.me>
References: <1f19a554-8a81-ce8c-8ac6-7ab1e053a632@isc.org>
	<vd4oqj$dd1r$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 29 Sep 2024 05:57:57 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="aa8a9e5d9c81c257f406c9c45bbe2547";
	logging-data="1550577"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1/+MP3RLS+Ye25C2AHKAuOG"
User-Agent: Pan/0.160 (Toresk; 54aa2a97; Linux-6.11.0)
Cancel-Lock: sha1:u7uuiBvR6O7ATqIRapRvd3qzNmk=
X-Face: \}2`P"_@pS86<'EM:'b.Ml}8IuMK"pV"?FReF$'c.S%u9<Q#U*4QO)$l81M`{Q/n
 XL'`91kd%N::LG:=*\35JS0prp\VJN^<s"b#bff@fA7]5lJA.jn,x_d%Md$,{.EZ
Bytes: 3527

On Thu, 26 Sep 2024 22:56:19 -0000 (UTC), "Adam H. Kerman"
<ahk@chinet.com> wrote in <vd4oqj$dd1r$1@dont-email.me>:

> Dan Mahoney <dmahoney@isc.org> wrote:
> 
>>All,
> 
>>ISC is the operator of the F-root DNS server as well as the makers of
>>BIND, ISC DHCP, Kea, as well as historic other pieces of software.  We
>>also have had a long relationship with the team that makes INN.  For
>>largely historical reasons, ISC also works with those same authors to
>>publish a canonical list of newsgroups over at ftp.isc.org.
> 
>>However, as ISC also offers support contracts for BIND and Kea, and
>>those customers have their own due diligence policies, we are often
>>subject to scrutiny and audits about how our network runs, and even for
>>a venerable URL like ftp.isc.org, we get questions from auditors like
>>"did you know you have a public FTP server on your network!  Why!?"
> 
> It saddens me that people who should know better think that the mere
> existence of the FTP server potentially compromises security on other
> hosts in the network.
> 
> I'm sorry you were pressured here.
> 
>>. . .
> 
>>Ergo, it seems to be a simple enough matter to tell people who fetch
>>those usenet control files via anonymous FTP to simply switch to HTTPS.
>>As a benefit, this also allows us to use the CDN provider we already use
>>for downloads.isc.org.  The url would remain ftp.isc.org, and the
>>pathing would remain the same.  We'd still sync the data from Russ as we
>>already do).
> 
> Switching to https is not so simple. Those of us who use it regularly
> want to see directory listings. I get these automatically using an ftp
> client but not when I use a browser. With a browser, subdirectories are
> listed but Russ's README is not (I think there are three of them).
> 
> Every single directory, then, requires a frequently regenerated
> index.html file that's literally a directory listing, both files and
> subdirectories.

This turns out not to be the case.  Apache can be configured
to provide directory indexes, and that's what the site appears to
be doing now.

However, some files may be named in such a way that they aren't
being picked up by the directory indexing code.  That could be
rectified, and I hope they do so.

And thanks to Dan for posting.

-- 
-v