[34340] in North American Network Operators' Group
RE: Reasons why BIND isn't being upgraded
daemon@ATHENA.MIT.EDU (Roeland Meyer)
Sat Feb 3 16:37:16 2001
Message-ID: <9DC8BBAD4FF100408FC7D18D1F092286039C3E@condor.mhsc.com>
From: Roeland Meyer <rmeyer@mhsc.com>
To: 'Adam Rothschild' <asr@latency.net>,
Paul A Vixie <vixie@mfnx.net>
Cc: nanog@merit.edu
Date: Sat, 3 Feb 2001 13:28:59 -0800
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Errors-To: owner-nanog-outgoing@merit.edu
> From: Adam Rothschild [mailto:asr@latency.net]
> Sent: Saturday, February 03, 2001 1:20 PM
> Why not just notify everyone at once? That way, when vulnerabilities
> are discovered, people can take whatever action they deem appropriate
> to protect their infrastructure (write/release their own set of BIND
> patches? upgrade to djbdns? decide DNS is too daunting to manage
> in-house, and outsource to Nominum or UltraDNS instead?), rather than
> remain vulnerable, pending an official announcement from the
> appropriate sources.
Perhaps I'm missing something, isn't that what ISC does on the web-site
already?
