From owner-freebsd-hackers@FreeBSD.ORG  Wed Jul  4 21:15:56 2012
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx2.freebsd.org (mx2.freebsd.org [69.147.83.53])
	by hub.freebsd.org (Postfix) with ESMTP id 7597D1065676;
	Wed,  4 Jul 2012 21:15:56 +0000 (UTC)
	(envelope-from dougb@FreeBSD.org)
Received: from opti.dougb.net (hub.freebsd.org [IPv6:2001:4f8:fff6::36])
	by mx2.freebsd.org (Postfix) with ESMTP id 846C61505F4;
	Wed,  4 Jul 2012 21:14:49 +0000 (UTC)
Message-ID: <4FF4B249.4010107@FreeBSD.org>
Date: Wed, 04 Jul 2012 14:14:49 -0700
From: Doug Barton <dougb@FreeBSD.org>
Organization: http://SupersetSolutions.com/
User-Agent: Mozilla/5.0 (X11; FreeBSD i386;
	rv:13.0) Gecko/20120624 Thunderbird/13.0.1
MIME-Version: 1.0
To: Freddie Cash <fjwcash@gmail.com>
References: <CA+QLa9B-Dm-=hQCrbEgyfO4sKZ5aG72_PEFF9nLhyoy4GRCGrA@mail.gmail.com>
	<4FF2E00E.2030502@FreeBSD.org> <86bojxow6x.fsf@ds4.des.no>
	<4FF35864.5030109@FreeBSD.org>
	<CAC8HS2Hx+qV1zYSzyM6wYzbyA6BStd3HEwc-VDhv40DHM=qCvw@mail.gmail.com>
	<CAOjFWZ5ikPz_yDhEQutiXVG354qRHYJTn-M_S4Cx-=YRgFP7eQ@mail.gmail.com>
In-Reply-To: <CAOjFWZ5ikPz_yDhEQutiXVG354qRHYJTn-M_S4Cx-=YRgFP7eQ@mail.gmail.com>
X-Enigmail-Version: 1.4.2
OpenPGP: id=1A1ABC84
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Cc: freebsd-security@freebsd.org, freebsd-hackers@freebsd.org,
	"Simon L. B. Nielsen" <simon@freebsd.org>,
	=?ISO-8859-1?Q?Dag-Erling_Sm=F8rgrav?= <des@des.no>
Subject: Re: Pull in upstream before 9.1 code freeze?
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jul 2012 21:15:56 -0000

On 07/04/2012 10:01, Freddie Cash wrote:
> On Wed, Jul 4, 2012 at 9:51 AM, Simon L. B. Nielsen <simon@freebsd.org> wrote:
>> On Tue, Jul 3, 2012 at 9:39 PM, Doug Barton <dougb@freebsd.org> wrote:
>>> On 07/03/2012 05:39, Dag-Erling Smørgrav wrote:
>>>> Doug Barton <dougb@FreeBSD.org> writes:
>>>>> The correct solution to this problem is to remove BIND from the base
>>>>> altogether, but I have no energy for all the whinging that would happen
>>>>> if I tried (again) to do that.
>>>>
>>>> I don't think there will be as much whinging as you expect.  Times have
>>>> changed.
>>>>
>>>> I'm willing to import and maintain unbound (BSD-licensed validating,
>>>> recursive, and caching DNS resolver) if you remove BIND.
>>>
>>> You've got a deal!
>>>
>>> Unbound requires ldns, which is a good thing. Part of this project would
>>
>> How's the security support for ldns / unbound? For third party
>> software sitting in the 'frontline' that part is rather important.

Other than my followup where I expressed total confidence in the folks
that produce these tools, I'll leave the advocacy to Dag-Erling.

>>> also be to enable drill so that we have a command-line dns lookup tool
>>> in the base, but that's trivial once you've got ldns imported.
>>
>> Does that means loosing host(1) ?

Yes! Code must be free!!!!!11!!!!  :)

>> That would be somewhat annoying.

Again, see my followup.

> There's a version of host based on unbound.  At least, there's an
> unbound-host package for Debian Linux:

Yes, it's a SMOP. If we produced a BSDL version I'm fairly sure the
NLnet Labs guys would be interested. Dag-Erling probably wants to
contact them first to see if they are already working on something similar.

Doug

-- 

    This .signature sanitized for your protection