Separation of authoritative and recursive functions (was: cTLD and DNS upgrade)

Brad Knowles brad at stop.mail-abuse.org
Tue Jul 5 21:41:10 UTC 2005


At 8:48 PM +0100 2005-07-05, Niall O'Reilly wrote:

>  I think it would be good if one or two people who know more about this
>  issue than I do could answer the question Stephane raises, focusing, as
>  he does, on the _current_ BIND.

	You're going to need someone like Mark Andrews or Paul Vixie to 
be able to answer that question authoritatively.

	I strongly recommend separating the functions on the basis that 
there may be security holes which exist but which we do not yet know 
about, and separating the functions will help protect us in that case.

-- 
Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

   SAGE member since 1995.  See <http://www.sage.org/> for more info.



More information about the bind-users mailing list