From owner-freebsd-arch  Mon Feb 19  1: 6:47 2001
Delivered-To: freebsd-arch@freebsd.org
Received: from w250.z064001178.sjc-ca.dsl.cnc.net (w250.z064001178.sjc-ca.dsl.cnc.net [64.1.178.250])
	by hub.freebsd.org (Postfix) with SMTP id A94AA37B401
	for <freebsd-arch@FreeBSD.ORG>; Mon, 19 Feb 2001 01:06:44 -0800 (PST)
Received: (qmail 85994 invoked by uid 1000); 19 Feb 2001 09:07:04 -0000
Date: Mon, 19 Feb 2001 01:06:42 -0800
From: Jos Backus <josb@cncdsl.com>
To: Alfred Perlstein <bright@wintelcom.net>
Cc: freebsd-arch@FreeBSD.ORG
Subject: Re: DJBDNS vs. BIND
Message-ID: <20010219010642.F56133@lizzy.bugworks.com>
Reply-To: Jos Backus <josb@cncdsl.com>
Mail-Followup-To: Alfred Perlstein <bright@wintelcom.net>,
	freebsd-arch@FreeBSD.ORG
References: <200102190547.WAA12829@usr05.primenet.com> <3A90CA94.D7CBCB65@softweyr.com> <20010218233916.J28286@lizzy.bugworks.com> <20010218235023.A95040@dragon.nuxi.com> <20010219002634.J6641@fw.wintelcom.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010219002634.J6641@fw.wintelcom.net>; from bright@wintelcom.net on Mon, Feb 19, 2001 at 12:26:12AM -0800
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, Feb 19, 2001 at 12:26:12AM -0800, Alfred Perlstein wrote:
> There's that, but where's the years of auditing and real world use
> to back up the decision to include this code in our base system?

In a sense it's a chicken and egg problem. The software is fairly young, yes.

I guess it partly depends on a human factor: whether you trust Dan to write
secure and reliable code.  However, experience has shown that FreeBSD includes
software in its base system which has shown repeatedly to be insecure and
unreliable. So this auditability argument doesn't really hold water in my
view. Besides, Dan's code should be easier to audit because it is much smaller
and much more modular.

> Sure bind has had its problems, but all djbdns seems to have is
> obfucation and a small userbase as merits.

Its userbase is growing. Maybe Dan can back this up with real numbers (I
suspect it's one of the reasons he runs these surveys he does).

I'm not sure what you mean by the obfuscation argument. People on the djb-dns
list have already come up with patches, which means that they at least have
some understanding of the code or else they would not be able to do that.
Surely the bright people of the FreeBSD project have no trouble reading Dan's
code once they set their minds to it. It's nowhere nearly as complex as the
TCP/IP stack, for example.

-- 
Jos Backus                 _/  _/_/_/        "Modularity is not a hack."
                          _/  _/   _/                -- D. J. Bernstein
                         _/  _/_/_/             
                    _/  _/  _/    _/
josb@cncdsl.com     _/_/   _/_/_/            use Std::Disclaimer;


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message