RE: Debian + Verisign's .com/.net hijack
It is not hardcoded. A new configuration directive has been added, and
it is completely up to the administrator to decide to use it.
http://www.isc.org/products/BIND/delegation-only.html
Boyan Krosnov, CCIE#8701
http://boyan.ludost.net/
just another techie speaking for himself
> -----Original Message-----
> From: Ronny Adsetts [mailto:ronny.adsetts@amazinginternet.com]
> Sent: Wednesday, September 17, 2003 12:58 PM
> To: Adrian von Bidder
> Cc: debian-security@lists.debian.org
> Subject: Re: Debian + Verisign's .com/.net hijack
>
>
> Adrian von Bidder said the following on 17/09/03 10:11:
> >> Patches for various dns servers to get back to the old behaviour of
> >> the dns system have been published. For example, the ISC has just
> >> released an "official" patch for BIND9.
> >>
> >> I wonder if there are plans to make security upgrades of the dns
> >> servers shipped with Debian. Any comments?
> >
> > I for one would really, really, really like for this 'fix'
> to appear
> > soon. Maintaining hand compiled software is awkward - but I guess
> > I'll do that quite soon.
> >
>
> Adding this *hard coded* value to an official Debian package
> that could
> be around for a couple of years (in stable) would be foolish IMHO. I
> haven't reviewed the patch, so may be wrong about the nature of it...
> (anyone have a link for the patch?)
>
> Better to get Verisign to revoke this stupidity. After all,
> another TLD
> did the same some time ago and the US government intervened, IIRC, to
> get it changed back (.biz?).
>
> Regards,
> Ronny Adsetts
> --
> Technical Director
> Amazing Internet Ltd, London
> t: +44 20 8607 9535
> f: +44 20 8607 9536
> w: www.amazinginternet.com
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
>
Reply to: