[34353] in North American Network Operators' Group
RE: Reasons why BIND isn't being upgraded
daemon@ATHENA.MIT.EDU (Vivien M.)
Sat Feb 3 18:59:35 2001
From: "Vivien M." <vivienm@dyndns.org>
To: "jamie rishaw" <jamie@arpa.com>
Cc: <nanog@merit.edu>
Date: Sat, 3 Feb 2001 18:12:29 -0500
Message-ID: <NDBBKECCEHKIHGIMJECAIEMACHAA.vivienm@dyndns.org>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <20010203173554.J389@arpa.com>
Errors-To: owner-nanog-outgoing@merit.edu
> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
> jamie rishaw
> Sent: February 3, 2001 5:36 PM
> To: Patrick Greenwell
> Cc: Paul A Vixie; nanog@merit.edu
> Subject: Re: Reasons why BIND isn't being upgraded
>
>
>
> On Sat, Feb 03, 2001 at 02:14:12PM -0800, Patrick Greenwell wrote:
> >
> > I count 141 ICANN "fully: accrediated domain name registrars, with an
> > unknown number of secondary registrars due to systems like OpenSRS.
> >
> > These organizations collectively handle second-level name resolution for
> > the overwhelming majority of the millions of .com, .net, and
> .org domains
> > in use on the Internet. And while I haven't done a survey, I'd surmise
> > that they overwhelmingly use BIND.
> >
> > Will these 141 organizations many of whose business relies on BIND be
> > eligible for your fee-based list? Do they consitute providers
> of "critical
> > infrastructure" in your eyes?
> >
>
> They're registrars. The don't directly provide DNS in any more critical
> a nature than any commercial DNS provider.
>
> And, since they're commercial organizations using BIND in a commercial
> aspect, I think they can cough up the money.
Disclaimer: I'm not a registrar myself, but I thought that GTLD registrars
sent everything to the NSI registry, and NSI still maintained the actual
zone files on the GTLD servers.
If this is correct, I would argue that they don't provide DNS in any way
(except to their internal machines); certainly, they're not part of critical
infrastructure (whereas *.gtld-servers.net, the contents of which they
contribute to, certainly are).
Therefore, they'd have less need to know about BIND security bugs than a
commercial DNS provider, or a non-profit DNS provider like us.
Vivien
--
Vivien M.
vivienm@dyndns.org
Assistant System Administrator
Dynamic DNS Network Services
http://www.dyndns.org/
