[dns-operations] i've got a conflict of interest, can a non-implementor answer this?
wllarso at swcp.com
Wed Jan 14 00:46:33 UTC 2009
On Jan 13, 2009, at 4:34 PM, Paul Vixie wrote:
> in http://gcn.com/articles/2009/01/12/dns-requires-a-layered-approach.aspx
> see the following exchange:
> "GCN: BIND, which is the most widely used DNS server, is open
> source. How safe are the latest versions of it?
> TOVAR: For a lot of environments, it is perfectly suitable. But in
> any mission-critical network in the government sector, any
> financial institution, anything that has the specter of identity
> theft or impact on national security, I think using open source is
> just folly."
> anything i might say would be seen as self serving, so i hope that
> here who are not DNS implementors will add professionally worded
> to this article explaining your views about the need for critical
> infrastructure to have some open source mixed into it.
You made an interesting statement when the article says:
However, patches and DNSsec are not enough to secure this critical
infrastructure, said Tom Tovar, chief executive officer of Nominum, a
supplier of network naming and address tools. Layered defenses need to
be built into the DNS software of critical servers, Tovar said. He
spoke recently with GCN about the challenges of DNS security.
"Self serving"? Against the person that is CEO for the company that
markets the product being "sold" in the article?
Paul, I'd say that any comments that you make about this article
shouldn't be considered as self-serving, but I do understand you
hesitation. You are showing more restraint than Tom Tovar.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dns-operations