3 Feb
2001
3 Feb
'01
4:28 p.m.
From: Adam Rothschild [mailto:asr@latency.net] Sent: Saturday, February 03, 2001 1:20 PM
Why not just notify everyone at once? That way, when vulnerabilities are discovered, people can take whatever action they deem appropriate to protect their infrastructure (write/release their own set of BIND patches? upgrade to djbdns? decide DNS is too daunting to manage in-house, and outsource to Nominum or UltraDNS instead?), rather than remain vulnerable, pending an official announcement from the appropriate sources.
Perhaps I'm missing something, isn't that what ISC does on the web-site already?