[dns-operations] knot-dns

Roland Dobbins rdobbins at arbor.net
Sat Dec 13 21:44:41 UTC 2014


On 14 Dec 2014, at 4:36, Rubens Kuhl wrote:

> What I'm curios about is how we measure code diversity among those 3 
> platforms; would using any 2 of the 3 be diverse enough for long-term 
> survivability, or are they too similar in architecture ?

While it sounds good on phosphor, the concept of code diversity is so 
abstract, compared to the significant operational challenges and 
associated security challenges of operating separate systems performing 
the same functions (sort of), but differently, that any potential 
benefit is generally outweighed by the negative impact to security 
posture of said challenges.

-----------------------------------
Roland Dobbins <rdobbins at arbor.net>



More information about the dns-operations mailing list