ISC statement about BIND9's recent -P1 releases
Steve Lancaster
stevelan at cesa.opbu.xerox.com
Tue Jul 29 20:21:15 UTC 2008
Well... while it's
<http://www.zdnet.com.au/news/security/soa/DNS-patch-causes-BIND-blunder/0,1300
61744,339290928,00.htm>
certainly "another view" on the same facts.. I find it a particularly
distasteful one...
Paul and the rest of the folks at ISC have worked to fix this problem as
quickly as possible. The fact that haste sometimes yields unforseen
consequences was an unforutnate outcome of this particular effort.
I'd like to thank the folks at ISC for responding quickly, with a good
faith effort to fix the problem.. and for working a dual pronged effort
such that the "quick fix" would be replaced in a timely manner with the
definitive solution.
The fact that the first effort had problems, is, in my opinion, "small
potatoes" compared to usual "stone walling" you get from some vendors.
Thanks, Paul, and the rest of the crew at ISC.
Your work is appreciated.
Steve Lancaster
[In a message on Tue, 29 Jul 2008 20:51:00 BST,
"Stephane Bortzmeyer" wrote:]
>On Mon, Jul 28, 2008 at 04:02:07PM +0000,
> Paul Vixie <vixie at isc.org> wrote
> a message of 60 lines which said:
>
>> ISC began work on the -P1 patches immediately upon being made aware of
>> the Kaminsky vulnerability. Our immediate goal was to make patches
>> publicly available as soon as possible. During the development cycle we
>> became aware of a potential performance issue
>
>A very different way of presenting the same facts:
>
>http://www.zdnet.com.au/news/security/soa/DNS-patch-causes-BIND-blunder/0,1300
>61744,339290928,00.htm
>
Steve
More information about the bind-users
mailing list