Re: Pull in upstream before 9.1 code freeze?

On 07/04/2012 10:01, Freddie Cash wrote:
> On Wed, Jul 4, 2012 at 9:51 AM, Simon L. B. Nielsen <simon@freebsd.org> wrote:
>> On Tue, Jul 3, 2012 at 9:39 PM, Doug Barton <dougb@freebsd.org> wrote:
>>> On 07/03/2012 05:39, Dag-Erling Sm鷨grav wrote:
>>>> Doug Barton <dougb@FreeBSD.org> writes:
>>>>> The correct solution to this problem is to remove BIND from the base
>>>>> altogether, but I have no energy for all the whinging that would happen
>>>>> if I tried (again) to do that.
>>>>
>>>> I don't think there will be as much whinging as you expect.  Times have
>>>> changed.
>>>>
>>>> I'm willing to import and maintain unbound (BSD-licensed validating,
>>>> recursive, and caching DNS resolver) if you remove BIND.
>>>
>>> You've got a deal!
>>>
>>> Unbound requires ldns, which is a good thing. Part of this project would
>>
>> How's the security support for ldns / unbound? For third party
>> software sitting in the 'frontline' that part is rather important.

Other than my followup where I expressed total confidence in the folks
that produce these tools, I'll leave the advocacy to Dag-Erling.

>>> also be to enable drill so that we have a command-line dns lookup tool
>>> in the base, but that's trivial once you've got ldns imported.
>>
>> Does that means loosing host(1) ?

Yes! Code must be free!!!!!11!!!!  :)

>> That would be somewhat annoying.

Again, see my followup.

> There's a version of host based on unbound.  At least, there's an
> unbound-host package for Debian Linux:

Yes, it's a SMOP. If we produced a BSDL version I'm fairly sure the
NLnet Labs guys would be interested. Dag-Erling probably wants to
contact them first to see if they are already working on something similar.

Doug

-- 

    This .signature sanitized for your protection

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"