Re: BIND, djbdns, commercialization
I fail to see the point of discussing or arguing partial commercialization of premium services -- I haven't seen one valid point yet.
Point is, knowing how many organizations rely on their software, and outright saying that they will NOT let people know about bugs as soon as they do, even if they are willing to pay for it, just doesn't seem right. What makes Sun having this information more important than me? I'd have no problem if Vixie went the Allman route, saying "OK, we're going to start charging for support. If you want to know about bugs soon after we do, pay us $X. If not, use at your own risk." But, they're saying "We're only going to let people who we want to know about the bugs know about them. The rest of you can hear about it on the evening news." Even after they started sendmail.com, Allman and his crew have been very good about releasing new sendmail patches themselves, not making you wait for CERT Advisories, etc. Maybe The Sendmail Consortium just realizes that if it wasn't for the people using, breaking, and making suggestions about code updates for 10+ years, they wouldn't have the business they have now. Maybe ISC is forgetting that. Jeff -- Jeffrey Meltzer Sr. Network Administrator VillageWorld.com, Inc. SolarisGuide: http://www.solarisguide.com
On Sat, Feb 03, 2001 at 04:19:01PM -0500, Jeffrey Meltzer wrote:
I'd have no problem if Vixie went the Allman route, saying "OK, we're going to start charging for support. If you want to know about bugs soon after we do, pay us $X. If not, use at your own risk."
Agreed. Likewise, I'd give some thought to using BIND again -- even paying for it -- if some commercial Vixie entity put out something like: lynx -dump http://cr.yp.to/djbdns/guarantee.html | sed -e s/"D. J. Bernstein"/ISC/g -e s/djbdns/BIND/g -adam
On Sat, Feb 03, 2001 at 04:53:30PM -0500, Adam Rothschild wrote:
Agreed. Likewise, I'd give some thought to using BIND again -- even paying for it -- if some commercial Vixie entity put out something like:
lynx -dump http://cr.yp.to/djbdns/guarantee.html | sed -e s/"D. J. Bernstein"/ISC/g -e s/djbdns/BIND/g
Yeah, that's some guarantee there, you betcha... Specifically, the parts that read: "I offer $500 to the first person to publicly report a verifiable security hole in the latest version of djbdns" AND: "My judgment is final as to what constitutes a security hole in djbdns." It's easy to offer money to your users when only 5 people worldwide use your software. (And I'm convinced at least 4 of them are on this list.) --msa
On Sat, 3 Feb 2001, Adam Rothschild wrote: > I'd give some thought to using BIND again -- even paying for it -- > if some commercial Vixie entity put out something like: > > lynx -dump http://cr.yp.to/djbdns/guarantee.html | sed -e s/"D. J. Bernstein"/ISC/g -e s/djbdns/BIND/g If I had a nickle for every time I've heard somebody tell a salesperson "sure I'd buy your product if it only did X skanky customer-specific hack" I wouldn't need to work for a living. So let me make sure I understand this: You're saying you'd pay for something that's currently free, if they would in turn pay people for reporting bugs, which people currently do for free. Is that right? If that's what you're saying, why don't you just pay them directly? I think the BIND project can better use its resources working on BIND than acting as a clearinghouse for your beneficence. -Bill
participants (4)
-
Adam Rothschild
-
Bill Woodcock
-
Jeffrey Meltzer
-
Majdi S. Abbas