PRE-ANNOUNCEMENT: BIND-Members Forum
Joseph S D Yao
jsdy at cospo.osis.gov
Thu Feb 1 19:41:21 UTC 2001
On Wed, Jan 31, 2001 at 08:01:03PM -0600, Larry Sheldon wrote:
> then be something along the lines of "I'd like the vendors (by whom ever paid)
> to produce better quality, less frequently "vulnerable" products, for the
> discoverers of failures to do that to tell them what they need to know to
> repair the damage, and while that is going on, I want to know that I have
> been put at risk, and I want to know enough about the risk to do the best I
> can to protect myself.
BIND 8 was picked up by ISC to support as a hacked-together piece of
software that since has had accretions to it to support all of the
IETF's requirements.
The better quality, less-frequently vulnerable product for which you
ask was started by ISC a while ago, and a usable version has been out
for several weeks now. It is BIND 9. Had you already implemented it?
Why do almost half the users still use BIND 4, and a large proportion
of the rest use out-of-date versions of BIND 8? Why didn't everybody
install BIND 9 two weeks ago?
[The numbers above are extremely imprecise. Whoever runs the survey -
Bill? - is welcome to correct me.]
If you are like me, you are still in the process of evaluating it and
getting it distributed to your DNS sites. At that, you and I are 'way
ahead of the crowd.
And THAT, not the Evilll Conspiracy Theory, is the problem!
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
More information about the bind-users
mailing list