[dns-operations] BIND and the upcoming .COM DNSSEC change
fw at deneb.enyo.de
Sun Mar 27 18:45:07 UTC 2011
It's not clear to me how buggy versions of BIND (9.6-ESV, in
particular) react to DNSSEC-related changes as described in:
Will a server restart be sufficient in all cases, even if the resolver
has enabled DLV?
I'm also a bit concerned that 9.6-ESV is effectively end-of-life.
(There's another fix for zone availability issues under DNSSEC which
hasn't been back-ported to it, either.) Have I missed a public
statement from ISC on this matter?
Background: I suppose Debian needs to issue an advisory, now without
the fix in code, and I want to get the facts straight.
More information about the dns-operations