[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: nscd: Was Re: long delays with LDAP nss/pam



also sprach Wouter Verhelst <wouter@grep.be> [2004.10.29.1508 +0200]:
> It assumes that all DNS servers use the same configuration format,
> or that all DNS servers in a given zone run the same software,
> which simply is an incorrect assumption.

It has suited me just fine. I am thankful that djbdns provides me
with a strong basis upon which I can converge. axfrdns additionally
offers zone transfers to AXFR servers, and scripts exist to convert
AXFR transfers to djbdns format.

If you've ever seen the djbdns config file format, you aren't going
back. Or are you going to argue that BIND zone files are intuitive,
not error-prone, and easy to manage?

> Using BIND9, nsupdate, and domain keys, you have an IXFR
> implementation that is complete, secure (at least as secure as
> BIND itself and the key you're using), and that works:

My last status was that the encryption used was not much better than
MIME64. I may well be wrong.

> Yes, obviously this requires you to do some configuration first.
> So what?

Well, I have better things to do.

No, I don't want a flame war, so please don't reply. You use BIND,
I used djbdns, makes two happy people.

In any case, please don't advocate to run BIND to everyone. Too much
can go wrong.

-- 
Please do not send copies of list mail to me; I read the list!
 
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, user, and author
`. `'`
  `-  Debian - when you have better things to do than fixing a system
 
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!

Attachment: signature.asc
Description: Digital signature


Reply to: