>>>>> "Theo" == Theo de Raadt <[EMAIL PROTECTED]> writes:

    Theo> What does the community think of this change in direction?

What "change in direction"?

    Theo> (Myself, I think it is a terrible idea to charge money for
    Theo> security information access, and that closing BIND up like
    Theo> this is also going to be harmful)

Please re-read Paul Vixie's announcement. Nobody's suggesting BIND
will get "closed up", apart from a few misguided people who have
jumped to wrong/absurd conclusions without having all the facts at
their disposal. Probably Paul is the only one who has those facts,
though I believe I'm close enough to the action to know most of
them. I speak here only for myself, not my employer (Nominum) or as a
mouthpiece for the ISC or Paul Vixie (which I'm definitely not).

One - just ONE - of the features suggested - only suggested - for the
BIND Members Forum (BMF) is that members get advance warning of
security problems. This is not unreasonable given that members are
likely to be folks running root, gTLD and ccTLD name servers or
vendors who have to prepare and ship security patches to their
customers. Or do you think that critical Internet infrastructure
should just take their chances that the script kiddies don't get to
them first? Another membership constituency are the companies who
build products on top of BIND. They need time to incorporate any
security fix too. Many of them were taken by surprise by Monday's

Other benefits that have been suggested for the proposed BMF are:
access to the CVS archives; in-person meetings (presumably to discuss
new features/requirements for the software or perhaps workshops on the
internals or contact with the developers); a mailing list. Where's the
harm in that?

I agree that Paul's announcement of the BNF could have been worded
better. [Hindsight is a wonderful thing.] But people should calm
down. Some of the claims that have been made are just ridiculous: like
BIND would no longer be open source. The BNF is simply a way for the
ISC to broaden its source of funds, get input from people who are
serious BIND users and co-ordinate the future development of
BIND. It's nothing more sinister than that.

Reply via email to