[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: BIND will completely drop D-BUS dynamic forwarders table support



On Fri, 7 Dec 2007, Adam Tkac wrote:
Why? Generally dnsmasq (or other lightweight) DNS server beat BIND
with executable size and performance on one processor systems. In
other cases like functionality, performance on multi cores and
portability beat BIND other servers. And as I wrote above future of
DNS is in DNSSEC. And I'm not sure if dnsmasq author is eager to
implement it. That's why BIND should not be marked as irrelevant on this
field.

 Okay, so I asked him.
 His reply:

You're right that dnsmasq attempts to preserve security information: to the extent that signed packets are passed through bit-perfect to avoid breaking the signature, It doesn't, however actually know about DNSSEC at all.

My attitude is that I'm very happy to take a patch which implements checking (preferably with suitable #ifdefs so it can be ommitted, if it's big). I'm not in a position to do the work myself at the moment. I don't have the knowledge, and I don't have the time to aquire it.

 IOW, our standard mantra: "patches accepted." :-)

     Jima


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]