North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Reasons why BIND isn't being upgraded
- From: Adam McKenna
- Date: Sat Feb 03 14:40:29 2001
On Sat, Feb 03, 2001 at 02:11:25PM -0500, Adam Rothschild wrote:
> On Sat, Feb 03, 2001 at 10:24:58AM -0800, Paul Vixie wrote:
> > Wrt the bind-members forum being discussed to death elsewhere,
> > nobody can pay for early warnings. CERT will still be the source of
> > early earnings. What people can pay for (bind-members
> > participation) is the legal fees associated with NDA-level access to
> > early fixes, if and only if they provide part of the internet's
> > basic infrastructure (e.g., OS vendors and TLD server operators).
> I'm a bit confused. Under this arrangement, what incentive is there
> for security-conscious common people to run BIND as a name server,
> rather than its various alternatives, most of which don't require
> preferential treatment in order to get timely security
> Will the ISC implement similar policies with its INN and DHCP software
> in the foreseeable future, or is this something unique to BIND?
FWIW, here's djb's analysis of the current situation, which he posted
recently on the firstname.lastname@example.org mailing list:
| The Vixie cluster of companies---Vixie Enterprises, Nominum, Vayusphere,
| PAIX, M.I.B.H. (swalloed by Metromedia), etc.---is already doing its
| best to make money off BIND. They give us configuration problems and
| then sell support services; they give us reliability problems and then
| sell backup services; they give us security problems and then sell early
| access to security information.
| The natural next step is for them to start selling a BIND Pro with early
| access to features and bug fixes that'll be added someday to the free
| BIND. BIND isn't under the GPL, so there's no legal obstacle to this.