Sujet : Re: ISC will likely be shutting down FTP access to ftp.isc.org soon (https will remain)
De : deletethis (at) *nospam* invalid.lan (noel)
Groupes : news.admin.hierarchies news.software.nntpDate : 28. Sep 2024, 05:35:57
Autres entêtes
Organisation : Ausics - https://newsgroups.ausics.net
Message-ID : <66f787ad$1@news.ausics.net>
References : 1
User-Agent : Pan/0.141 (Tarzan's Death; 168b179 git.gnome.org/pan2)
On Thu, 26 Sep 2024 22:17:36 +0000, Dan Mahoney wrote:
All,
ISC is the operator of the F-root DNS server as well as the makers of
BIND, ISC DHCP, Kea, as well as historic other pieces of software. We
also have had a long relationship with the team that makes INN. For
largely historical reasons, ISC also works with those same authors to
publish a canonical list of newsgroups over at ftp.isc.org.
However, as ISC also offers support contracts for BIND and Kea, and
those customers have their own due diligence policies, we are often
subject to scrutiny and audits about how our network runs, and even for
a venerable URL like ftp.isc.org, we get questions from auditors like
"did you know you have a public FTP server on your network! Why!?"
FTP is also unencrypted, (ftps really never gained any traction as a url
scheme), and in the modern internet, a push for SSL everywhere feels
reasonable as well. The days of hosting mirrors of other FTP sites seem
to belong to a bygone era, and I've disabled the generation of
old-school files like MIRRORED.BY and ls-lr.gz.
We also no longer live in the world where a copy of curl/wget that
supports modern ciphers is not available everywhere.
===
Ergo, it seems to be a simple enough matter to tell people who fetch
those usenet control files via anonymous FTP to simply switch to HTTPS.
As a benefit, this also allows us to use the CDN provider we already use
for downloads.isc.org. The url would remain ftp.isc.org, and the
pathing would remain the same. We'd still sync the data from Russ as we
already do).
We do not have a specific date yet (this depends on specific feedback
from the community), but on the order of a month or two sounds
reasonable. If any software, such as INN, ships with the "ftp" protocol
baked-in, this gives enough time for people to put out new releases and
docs that point at the change, or at least add the change to their
README's, and the like.
If/when this happens I'd likely also make a quick post to a few other
network operator places, and suggestions as to where to do so are
welcome.
If there are objections or considerations, please feel free to reply
here or contact me directly.
Regards,
-Dan
Lot of hogwash, so ISC don't have a spine... I wont go into how comical
the excuses are, others have more than adequately stated how silly they
are.
But we known ISC wont change their mind and you are just going through
the "appearances" process, thanks for pre warning us the mirrors will
soon fail and start sending us errors notices, I have directed my mirrors
maintainer to kill off ISC's mirror as of October 31.
ISC will likely be shutting down FTP access to ftp.isc.org soon (https will remain)
Re: ISC will likely be shutting down FTP access to ftp.isc.org soon (https will remain)
