Re: Appreciation for Bind patches
Andrew Fried writes: > Simply put, I would like to publicly express my appreciation to > Mr. Vixie for taking the time to add the "root-delegation-only" patch > for Bind. You speak for many. > Andrew Fried, Senior Special Agent > United States Department of the Treasury > Treasury Inspector General for Tax Administration > Strategic Enforcement Division Now go audit Verisign's tax returns for the last 3 years :-).
Re: Appreciation for Bind patches
On Sat, 20 Sep 2003, Andrew Fried wrote: > I have been following the various threads relating to Verisign and > wanted to make one comment that I feel has been missing. Simply put, I > would like to publicly express my appreciation to Mr. Vixie for taking > the time to add the "root-delegation-only" patch for Bind. I'm fairly > new to NANOG, but I'm sure that others beside myself also feel a thank > you is appropriate. Absolutely. Special thanks are also due to the members of the ISC BIND Forum for their financial support of such efforts. Verisign's ill-advised actions have put DNS and other Internet governance issues on the radar of many, including myself. I'm considering an 'individual' ($200/yr) membership to the BIND Forum, and I encourage others who haven't already to do the same. -Graham Freeman http://www.jahiel.net/
Re: Appreciation for Bind patches
On Sat, 20 Sep 2003, Andrew Fried wrote: > I have been following the various threads relating to Verisign and wanted > to make one comment that I feel has been missing. Simply put, I would like > to publicly express my appreciation to Mr. Vixie for taking the time to add > the "root-delegation-only" patch for Bind. I'm fairly new to NANOG, but > I'm sure that others beside myself also feel a thank you is appropriate. I have to second this. I started work on a bind8 patch for Anonymizer's DNS servers after learning of the .com/.net change well before the news that bind9 would have out of the box support for the features I needed. This comes as a great relief, since there is now a supported and de facto standard way of dealing with the Verisign breakage. I don't have to worry about maintaining an in-house solution to this problem over version changes, and I don't have to worry about possible unexpected behavior due to errors on my part. This is probably the most responsive I have ever seen any software "vendor" perform in providing a solution to someone else's problem. As a side effect of bind9's support for the "root-delegation-only" feature, general performance of our systems have improved. (We upgraded two of our caching name-servers from bind8 to bind9, and our proxy response times have jumped by nearly a second in some cases.) This certainly isn't a scientific benchmark of performance advantages for bind9 over bind8, but I am finding myself having to ask the question "is it time to retire bind8 entirely?" now. Thanks again, Len
Re: Appreciation for Bind patches
> I have been following the various threads relating to Verisign and wanted > to make one comment that I feel has been missing. Simply put, I would like > to publicly express my appreciation to Mr. Vixie for taking the time to add > the "root-delegation-only" patch for Bind. I'm fairly new to NANOG, but > I'm sure that others beside myself also feel a thank you is appropriate. thanks for those kind words, but rapid response of this kind is one of our obligations to the bind forum, and it's only because of our members that we're able to serve the community in this way. btw: here's the short term results of me deploying root-delegation-only on my personal mail server at home: Sep 20 22:06:25 named: enforced delegation-only for 'com' (ok61930.com) Sep 20 22:06:25 named: enforced delegation-only for 'com' (ok61930.com) Sep 20 22:08:23 named: enforced delegation-only for 'com' (helimore574.com) Sep 20 22:08:23 named: enforced delegation-only for 'com' (helimore574.com) Sep 20 22:08:42 named: enforced delegation-only for 'com' (netscape1008.com) Sep 20 22:08:43 named: enforced delegation-only for 'com' (netscape1008.com) Sep 20 22:16:02 named: enforced delegation-only for 'com' (aagf91512.com) Sep 20 22:16:02 named: enforced delegation-only for 'com' (aagf91512.com) Sep 20 23:11:48 named: enforced delegation-only for 'com' (ok62928.com) Sep 20 23:11:48 named: enforced delegation-only for 'com' (ok62928.com) Sep 20 23:14:51 named: enforced delegation-only for 'com' (2mails235.com) Sep 20 23:14:51 named: enforced delegation-only for 'com' (2mails235.com) Sep 20 23:19:44 named: enforced delegation-only for 'com' (gratis-gratiss.com) Sep 20 23:19:44 named: enforced delegation-only for 'com' (gratis-gratiss.com) Sep 20 23:31:22 named: enforced delegation-only for 'com' (bosfvp.com) Sep 20 23:31:22 named: enforced delegation-only for 'com' (bosfvp.com) Sep 20 23:31:26 named: enforced delegation-only for 'com' (xvarnf.com) Sep 20 23:31:27 named: enforced delegation-only for 'com' (xvarnf.com) Sep 20 23:31:31 named: enforced delegation-only for 'com' (abdknt.com) i send this just in case anyone doubts that spammers forge sources. after the wildcard went in and before i deployed root-delegation-only at home, those would have been spams reaching my inbox. this is not much compared to a real mail server, but it is after all just my family here. (and i can assure you all that nobody typo'd the above domain names here.)
Appreciation for Bind patches
I have been following the various threads relating to Verisign and wanted to make one comment that I feel has been missing. Simply put, I would like to publicly express my appreciation to Mr. Vixie for taking the time to add the "root-delegation-only" patch for Bind. I'm fairly new to NANOG, but I'm sure that others beside myself also feel a thank you is appropriate. Andrew Fried, Senior Special Agent United States Department of the Treasury Treasury Inspector General for Tax Administration Strategic Enforcement Division 5000 Ellin Road, Room C8-100 Lanham, MD 20706 202-283-5915Office 703-980-0091Mobile email: [EMAIL PROTECTED]