[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: updates bind9 package for etch?



On Tuesday 20 May 2008 14:14, Thijs Kinkhorst wrote:
> On Tuesday 20 May 2008 14:11, Jan Wagner wrote:
> > malice or not, if the old L would have answered with false (in which way
> > ever) answers, there would be a significant part of users affected. Users
> > (of users) of a stock bind9 right out of stable are also affected.
>
> True, but it doesn't, so there's nothing affected.

Beside the judge, how urgent this should be fixed in any distribution (like 
debian is one), it should be fixed urgently in any operational resolving 
nameserver. You don't know if this "fix" is permanent. There are many issues 
on the global routing table clowd. For an example, have a look into 
http://www.ripe.net/news/study-youtube-hijacking.html. So to have a broken 
system (like DNS it is with this root file) a bit more unbroken, the 
resolvers should be fixed. Such an issue is one reason for DNSSEC[1], which 
also have issues anyways.

> > > bit more nuance to it. We're getting multiple mails of people already
> > > that read your post without reading ICANN's and think there's something
> > > dangerous going on.
> >
> > WTF?!? I can't get, that people don't read the refered document, if they
> > are so worried. It was not my intention to provide misleading
> > informations, sorry.
>
> I don't promote people not reading well, but it's unfortunately a fact of
> life. Stolen has a denotation of malice and bad faith, so I think it's
> desirable not to use such inflated terminology to start with. Of couse it's
> your blog so you put on it what you want, but I think it would be better
> for everyone to pick words that accurately describe the issue we're under,
> and not something "just to get attention". But anyway, this gets off topic.

I updated the article once 13:20 CEST and now again, which hopefully makes it 
much more clear. Any yes, it _was_ "stolen", cause the system was out of 
control of the legitim operators, this word was not used to get "just" the 
attention.

> I'll just keep replying to those people emailing us that there's no
> security issue here.

Into which input channel do you get these mails? team@s.d.o?

With kind regards, Jan.
[1] http://en.wikipedia.org/wiki/DNSSEC
-- 
Never write mail to <waja@spamfalle.info>, you have been warned!
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT d-- s+: a- C+++ UL++++ P+ L+++ E- W+++ N+++ o++ K++ w--- O M V- PS PE
Y++ PGP++ t-- 5 X R tv- b+ DI- D++ G++ e++ h-- r+++ y+++
------END GEEK CODE BLOCK------

Attachment: pgpQASlKmw7XW.pgp
Description: PGP signature


Reply to: