Reasons why BIND isn't being upgraded
Paul Vixie
vixie at mfnx.net
Sat Feb 3 18:24:58 UTC 2001
patrick at cybernothing.org (Patrick Greenwell) writes:
> > hiding it DOES however make it harder for people (including network owners)
> > to do surveys.
>
> By the same token one might argue that atempting to hide vunerabilities
> to those paying you for "early warnings" doesn't help at all.
Wrt the bind-members forum being discussed to death elsewhere, nobody can pay
for early warnings. CERT will still be the source of early earnings. What
people can pay for (bind-members participation) is the legal fees associated
with NDA-level access to early fixes, if and only if they provide part of the
internet's basic infrastructure (e.g., OS vendors and TLD server operators).
> Just something to consider.
I promise that ISC considered everything which was relevant, which your
claim above is emphatically not. (Thanks for the FUD though.)
More information about the NANOG
mailing list