Is Bind still broken?

[Simon Waters]

dns wrote:
> 
> ... i have a problem with that.  somehow , the idea that 'i' have to
> "SEARCH" for that kind of information, wrankles.  given the importance of
> dns , a line like "Full disclosure, and or fixes, only guaranteed to
> paying customers", should be the first line of visible html.

It isn't "paying customers", it is those people who register a
supportable interest in early disclosure. Typically these are
people working on derivative products, although I believe people
running key pieces of DNS infrastructure can ask for early
disclosure.

I assume people authoring derivative products often have
contractual relationships with ISC, but I don't believe it is a
requirement, either to produce derivatives products or to get
early disclosure.

Support contracts are done through a different company, Nominum,
who as far as I know have minimal interest in BIND 4 or BIND 8
(although I expect they'll help you with it if you pay them
enough).

I see no reason to prefer old versions of BIND over BIND 9
unless you are running a VERY busy nameserver, so the latest
security issue SHOULD have affected very few people. In reality
there is a lot of old software out there, and a lot of badly
configured name servers.