Well... while it's <http://www.zdnet.com.au/news/security/soa/DNS-patch-causes-BIND-blunder/0,1300 61744,339290928,00.htm>
certainly "another view" on the same facts.. I find it a particularly distasteful one... Paul and the rest of the folks at ISC have worked to fix this problem as quickly as possible. The fact that haste sometimes yields unforseen consequences was an unforutnate outcome of this particular effort. I'd like to thank the folks at ISC for responding quickly, with a good faith effort to fix the problem.. and for working a dual pronged effort such that the "quick fix" would be replaced in a timely manner with the definitive solution. The fact that the first effort had problems, is, in my opinion, "small potatoes" compared to usual "stone walling" you get from some vendors. Thanks, Paul, and the rest of the crew at ISC. Your work is appreciated. Steve Lancaster [In a message on Tue, 29 Jul 2008 20:51:00 BST, "Stephane Bortzmeyer" wrote:] >On Mon, Jul 28, 2008 at 04:02:07PM +0000, > Paul Vixie <[EMAIL PROTECTED]> wrote > a message of 60 lines which said: > >> ISC began work on the -P1 patches immediately upon being made aware of >> the Kaminsky vulnerability. Our immediate goal was to make patches >> publicly available as soon as possible. During the development cycle we >> became aware of a potential performance issue > >A very different way of presenting the same facts: > >http://www.zdnet.com.au/news/security/soa/DNS-patch-causes-BIND-blunder/0,1300 >61744,339290928,00.htm > Steve
