[governance] alternate distribution master (was Sense of the Senate Resolution)
McTim
dogwallah at gmail.com
Thu Oct 20 13:39:01 EDT 2005
hey,
On 10/20/05, Paul Vixie <paul at vix.com> wrote:
> # 3. They are running older BIND version, so can't deploy latest DNSSEC spec.
> # ...
> # ;; ANSWER SECTION:
> # VERSION.BIND. 0 CH TXT "8.2.4-REL"
> # ...
> # Should be 9.3.x
>
> while i agree that 9.x is better software, there are some people whose
> needs are met by 8.x. it's true that to deploy dnssec they'll need 9.x,
> but it's also true that until the admins of ARPA and "." deploy dnssec,
> deploying it in E164.ARPA would be a meaningless waste of time and effort.
ACK, I was trying to point out that they are using "last years model",
which doesn't give me confidence they are up to the task Danny
suggested they take on.
>
> that having been said, 8.2.4 is old and vulnerable, and shouldn't be used.
> if you have to run 8.2.x, use 8.2.5. if you have to run 8.x but not nec'ily
> 8.2.x, run 8.4.6. see http://www.isc.org/sw/bind/ for more information.
>
> in any case, don't bash ITU for not running dnssec-capable nameservers. yet.
ok, I'll wait then ;-)
--
Cheers,
McTim
nic-hdl: TMCG
_______________________________________________
governance mailing list
governance at lists.cpsr.org
https://ssl.cpsr.org/mailman/listinfo/governance
More information about the Governance
mailing list