[34363] in North American Network Operators' Group
Re: Reasons why BIND isn't being upgraded
daemon@ATHENA.MIT.EDU (Joe Rhett)
Sat Feb 3 21:17:04 2001
Date: Sat, 3 Feb 2001 16:38:20 -0800
From: Joe Rhett <jrhett@isite.net>
To: Adam Rothschild <asr@latency.net>
Cc: nanog@merit.edu
Message-ID: <20010203163820.C6636@isite.net>
Mail-Followup-To: Adam Rothschild <asr@latency.net>, nanog@merit.edu
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20010203141125.C20872@og.latency.net>; from asr@latency.net on Sat, Feb 03, 2001 at 02:11:25PM -0500
Errors-To: owner-nanog-outgoing@merit.edu
On Sat, Feb 03, 2001 at 02:11:25PM -0500, Adam Rothschild wrote:
> I'm a bit confused. Under this arrangement, what incentive is there
> for security-conscious common people to run BIND as a name server,
> rather than its various alternatives, most of which don't require
> preferential treatment in order to get timely security
> advisories/fixes?
Let's say you get your patches from Sun, right? Sun gets information on
those patches from ISC, and releases them to you without preferential
treatment.
Just because you aren't aware of it, don't assume that software vendors
don't have private channels of communication with their providers.
Think before you speak.
--
Joe Rhett Chief Technology Officer
JRhett@ISite.Net ISite Services, Inc.
PGP keys and contact information: http://www.noc.isite.net/Staff/
