From owner-freebsd-stable@FreeBSD.ORG  Tue Jul 30 16:01:25 2013
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 20BD4AB9
 for <freebsd-stable@freebsd.org>; Tue, 30 Jul 2013 16:01:25 +0000 (UTC)
 (envelope-from daniel@digsys.bg)
Received: from smtp-sofia.digsys.bg (smtp-sofia.digsys.bg [193.68.21.123])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 97BCF2C90
 for <freebsd-stable@freebsd.org>; Tue, 30 Jul 2013 16:01:24 +0000 (UTC)
Received: from dcave.digsys.bg (dcave.digsys.bg [193.68.6.1])
 (authenticated bits=0)
 by smtp-sofia.digsys.bg (8.14.6/8.14.6) with ESMTP id r6UG1M3N000488
 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO)
 for <freebsd-stable@freebsd.org>; Tue, 30 Jul 2013 19:01:22 +0300 (EEST)
 (envelope-from daniel@digsys.bg)
Message-ID: <51F7E352.30300@digsys.bg>
Date: Tue, 30 Jul 2013 19:01:22 +0300
From: Daniel Kalchev <daniel@digsys.bg>
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64;
 rv:17.0) Gecko/20130627 Thunderbird/17.0.7
MIME-Version: 1.0
To: freebsd-stable@freebsd.org
Subject: Re: Bind in FreeBSD, security advisories
References: <CAO+PfDctepQY0mGH7H+gOSm4HJwhe-RCND+mxAArnRxpWiCsjg@mail.gmail.com>
 <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com>
 <51F7B5C7.6050008@digsys.bg>
 <CAOgwaMt4G02yhU0cbiq_EEwhi4=mgt2kLGJf0Rgb8t9wECsGJA@mail.gmail.com>
 <51F7C07C.9060606@digsys.bg> <op.w01e3qhl8527sy@ronaldradial.versatec.local>
In-Reply-To: <op.w01e3qhl8527sy@ronaldradial.versatec.local>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jul 2013 16:01:25 -0000


On 30.07.13 16:44, Ronald Klop wrote:
> On Tue, 30 Jul 2013 15:32:44 +0200, Daniel Kalchev <daniel@digsys.bg> 
> wrote:
>
>>
>> Back to the topic :)
>>
>> My take on this is that removing BIND from the base today is.. 
>> irresponsible. First, most who use FreeBSD expect an DNS server to be 
>> readily available.
>
> Interesting. What are your statistics of 'most' based on?

Unfortunately, not much objective statistics. The bsdstats sample is 
rather small and obviously biased (towards people who would share their 
config, mostly).

I was hoping for some usable data from the Open Resolver Project 
(http://openresolverproject.org/)but there is not much useful 
information for this purpose there either. It is also very unlikely a 
pool would result in any meaningful data...

But here is an idea: Remove BIND from HEAD overnight and see how many 
will complain ;-)
If nobody complains, don't put it back in.

Daniel