[dns-operations] Karl Auerbach on adding 'millions' more TLD - what do folks think about the operational impact?
paul at vix.com
Wed Jan 10 20:41:16 UTC 2007
> The installed base of broken server isn't that large.
i think it's in their resolver not their servers.
> It's on a relatively unpopular windows version. Microsoft could fix
> this at anytime they want by releasing the patch via Windows /
> Microsoft Update. While this won't get all the machines fixed it
> will get the vast majority of them fixed.
easily said by us, but evidently rather hard to do by them. this isn't a
hot security fix and thus the relatively high pain threshold for a Windows
Update has not been met by this issue (nor by the other issues like bombing
the AS112 servers with RFC1918-PTR updates.)
> There was no such update mechanism for BIND 4. Today there
> is. Just about all OS's support a over the net mechanism
> for distributing fixes. Even BIND 4 was fixed to accept
> many-answer responses.
indeed, open source has a systemic economics advantage over proprietaryware
on this kind of thing, since there isn't much hot/cold triage going on. but
that's changing, and besides which, there are still unupgraded BIND4 servers
out there that sysadmins are afraid to touch.
More information about the dns-operations