On Tue, Jul 30, 2013, at 8:32, Daniel Kalchev wrote: > > > This is very much an situation like replacing gcc with clang/llvm. > However, in the case of BIND we have no licensing problems, stability > problems, performance problems etc --- just concerns that BIND generates > many SAs -- which might be actually good indicator, as it demonstrates > that BIND is worked on. >
There's a man with a name whose initials match DJB that would strongly disagree. Now he's not always the best person to reference, but he's made a succinct point with his own software, whether or not you like using it. Unbound/NSD are suitable replacements if we really need something in base, and they have been picked up by OpenBSD for a good reason -- clean, secure, readable, maintainable codebases and their use across the internet and on the ROOT servers is growing. > I personally see no reason to remove BIND from base. If someone does not > want BIND in their system, they could always use the WITHOUT_BIND build > switch. I'd be inclined to agree if it wasn't such a wholly insecure chunk of code. You don't see people whining about Sendmail in base when they prefer Postfix or Exim, but Sendmail doesn't have a new exploit every week. You do tend to need an MTA for getting messages off the system more than you need a local recursor/cache, but at least it's not causing you maintenance headaches. If you consider the possibility that a large enough percentage of users really desire a local recursor/cache it should be our duty to give them the best option available. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[email protected]"
