PRE-ANNOUNCEMENT: BIND-Members Forum

Larry Sheldon lsheldon at creighton.edu
Wed Jan 31 22:33:54 UTC 2001


Mr. Conrad said, in part (in a reply to Mr. McCormack):

>          Please tell us we have misunderstood and that this was
> >all a mistake.
> 
> Yes.  You misunderstood.  Both Paul and myself had serious concerns with 
> how the recent advisories were handled.  In particular, many organizations 
> that should have been contacted prior to the advisories being released 
> weren't.  ISC has no way of notifying organizations that are using BIND in 
> commercial products or services that they should upgrade without also 
> notifying everyone.

This theme ("without also notifying everyone") recurs, and concerns me.

We operate 20-odd known copies of BIND (and I'd not be surprised to learn
that there are double that somewhere in our network) and while we are by no
means part of the target audience as described in Mr. Vixie's original message
we do have a profound and legitimate interest in finding out about termites
in our woodwork as early as is possible.

> > >       2. Use of PGP (or possibly S/MIME) will be mandatory
> >         For what?
> 
> So sensitive information (such as the existence of a security bug) can be 
> transmitted to members securely.
> 
> > >       4. Members will sign strong nondisclosure agreements
> >         About what, for crying out loud?!
> 
> So ISC can be assured that the sensitive information is not released to the 
> public.

And again.
--
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
.                                                                       .
- L. F. (Larry) Sheldon, Jr.                                            -
. Unix Systems and Network Administration                               .
- Creighton University Computer Center-Old Gym                          -
. 2500 California Plaza                                                 .
- Omaha, Nebraska, U.S.A.  68178       Two identifying characteristics  -
. lsheldon at creighton.edu                  of System Administrators:     .
- 402 280-2254 (work)                Infallibility, and the ability to  -
. 402 681-4726 (cellular)               learn from their mistakes.      .
- 402 332-4622 (residence)                                              -
. http://www.creighton.edu/~lsheldon    Adapted from Stephen Pinker     .
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-


More information about the bind-users mailing list