[dns-operations] i've got a conflict of interest, can a non-implementor answer this?

Bill Larson wllarso at swcp.com
Wed Jan 14 00:46:33 UTC 2009


On Jan 13, 2009, at 4:34 PM, Paul Vixie wrote:

> in http://gcn.com/articles/2009/01/12/dns-requires-a-layered-approach.aspx 
>  we
> see the following exchange:
>
> 	"GCN: BIND, which is the most widely used DNS server, is open
> 	source.  How safe are the latest versions of it?
>
> 	TOVAR: For a lot of environments, it is perfectly suitable. But in
> 	any mission-critical network in the government sector, any
> 	financial institution, anything that has the specter of identity
> 	theft or impact on national security, I think using open source is
> 	just folly."
>
> anything i might say would be seen as self serving, so i hope that  
> others
> here who are not DNS implementors will add professionally worded  
> comments
> to this article explaining your views about the need for critical
> infrastructure to have some open source mixed into it.

You made an interesting statement when the article says:

However, patches and DNSsec are not enough to secure this critical  
infrastructure, said Tom Tovar, chief executive officer of Nominum, a  
supplier of network naming and address tools. Layered defenses need to  
be built into the DNS software of critical servers, Tovar said. He  
spoke recently with GCN about the challenges of DNS security.

"Self serving"?  Against the person that is CEO for the company that  
markets the product being "sold" in the article?

Paul, I'd say that any comments that you make about this article  
shouldn't be considered as self-serving, but I do understand you  
hesitation.  You are showing more restraint than Tom Tovar.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20090113/366d8e70/attachment.html>


More information about the dns-operations mailing list