Reasons why BIND isn't being upgraded
Adam Rothschild
asr at latency.net
Sat Feb 3 21:19:54 UTC 2001
On Sat, Feb 03, 2001 at 12:51:53PM -0800, Paul A Vixie wrote:
> > Will the ISC implement similar policies with its INN and DHCP software
> > in the foreseeable future, or is this something unique to BIND?
>
> I don't see INN or DHCP as critical to the internet's infrastructure, so, no.
So, the more critical to the Internet's infrastructure software is,
the more difficult it should be for non-"privledged" people to be made
aware of key security announcements/patches in a timely manner?
Why not just notify everyone at once? That way, when vulnerabilities
are discovered, people can take whatever action they deem appropriate
to protect their infrastructure (write/release their own set of BIND
patches? upgrade to djbdns? decide DNS is too daunting to manage
in-house, and outsource to Nominum or UltraDNS instead?), rather than
remain vulnerable, pending an official announcement from the
appropriate sources.
-adam
More information about the NANOG
mailing list