[governance] alternate distribution master (was Sense of the Senate Resolution)

McTim dogwallah at gmail.com
Thu Oct 20 13:39:01 EDT 2005


hey,

On 10/20/05, Paul Vixie <paul at vix.com> wrote:
> # 3. They are running older BIND version, so can't deploy latest DNSSEC spec.
> # ...
> # ;; ANSWER SECTION:
> # VERSION.BIND.           0       CH      TXT     "8.2.4-REL"
> # ...
> # Should be 9.3.x
>
> while i agree that 9.x is better software, there are some people whose
> needs are met by 8.x.  it's true that to deploy dnssec they'll need 9.x,
> but it's also true that until the admins of ARPA and "." deploy dnssec,
> deploying it in E164.ARPA would be a meaningless waste of time and effort.

ACK, I was trying to point out that they are using "last years model",
which doesn't give me confidence they are up to the task Danny
suggested they take on.

>
> that having been said, 8.2.4 is old and vulnerable, and shouldn't be used.
> if you have to run 8.2.x, use 8.2.5.  if you have to run 8.x but not nec'ily
> 8.2.x, run 8.4.6.  see http://www.isc.org/sw/bind/ for more information.
>
> in any case, don't bash ITU for not running dnssec-capable nameservers.  yet.

ok, I'll wait then ;-)


--
Cheers,

McTim
nic-hdl:      TMCG

_______________________________________________
governance mailing list
governance at lists.cpsr.org
https://ssl.cpsr.org/mailman/listinfo/governance



More information about the Governance mailing list