Is Bind still broken?
Simon Waters
Simon at wretched.demon.co.uk
Sun Nov 17 20:57:42 UTC 2002
dns wrote:
>
> ... i have a problem with that. somehow , the idea that 'i' have to
> "SEARCH" for that kind of information, wrankles. given the importance of
> dns , a line like "Full disclosure, and or fixes, only guaranteed to
> paying customers", should be the first line of visible html.
It isn't "paying customers", it is those people who register a
supportable interest in early disclosure. Typically these are
people working on derivative products, although I believe people
running key pieces of DNS infrastructure can ask for early
disclosure.
I assume people authoring derivative products often have
contractual relationships with ISC, but I don't believe it is a
requirement, either to produce derivatives products or to get
early disclosure.
Support contracts are done through a different company, Nominum,
who as far as I know have minimal interest in BIND 4 or BIND 8
(although I expect they'll help you with it if you pay them
enough).
I see no reason to prefer old versions of BIND over BIND 9
unless you are running a VERY busy nameserver, so the latest
security issue SHOULD have affected very few people. In reality
there is a lot of old software out there, and a lot of badly
configured name servers.
More information about the bind-users
mailing list