All of a sudden this djbdns is starting to sound like an idea...
(second post) While the idea of another program to serve DNS isn't all that bad, I think jumping ship just because of one new policy isn't necessarily the most prudent thing to do. I sort of see this "Oh my lord, if Bush gets elected I'm renouncing my citizenship and moving to Europe" mentality WRT to new BIND policy. Bush is in office, and I don't see anyone leaving the country :-) WRT djbdns: I've had a moderate level of experience with it, and, while it seems interesting to an extent, operationally I've had several annoying encounters with it. When challenged, I seem to get the reply of "maybe some time later it will have that" or "that is insecure, djb doesn't support that". djbdns is also very infant - it's probably not popular enough for all the skr1pt k1dd13s to have an interest in hacking at, because finding a vulnerability in djbdns is about as useful to the "wreaker or havoc" as finding a master door and ignition key to a '58 pinto -- there's about 17 of them on the planet :-) * WRT bind: I don't think that the infrastructures that I run have DNS of significant enough impact to require first-alert notification, and the stuff that I *do* run that *does* requires it has outsourced DNS - so .. I don't think I'll be subscribing to "commercial advanced notification" (unless I make Paul's A-List and get it comp), but I dont think what the BIND project is doing is out of line in any way. Nobody seems to understand or appreciate the work that has gone into bind, and everyone's mad that one little aspect of something that they've been getting for free, for years, isn't free anymore. It's software. It requires man-hours, time, effort, resources and above all talent.. It's not like BIND is being discontinued and made commercial-only. (Even then I dont think many would have valid argument). I fail to see the point of discussing or arguing partial commercialization of premium services -- I haven't seen one valid point yet. jamie -- i am jamie at arpa dot com .. and this is my .sig. core1.dns.microsoft.com# sho access-list 101 Extended IP access list 101 deny udp any any eq domain (874572345872345 matches)