From owner-freebsd-security@FreeBSD.ORG  Sun Jul  8 22:44:33 2012
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 9B69B106564A;
	Sun,  8 Jul 2012 22:44:33 +0000 (UTC) (envelope-from dan@obluda.cz)
Received: from smtp1.ms.mff.cuni.cz (smtp1.ms.mff.cuni.cz
	[IPv6:2001:718:1e03:801::4])
	by mx1.freebsd.org (Postfix) with ESMTP id 23EDC8FC08;
	Sun,  8 Jul 2012 22:44:32 +0000 (UTC)
Received: from kgw.obluda.cz (kgw.obluda.cz [193.179.199.50])
	by smtp1.ms.mff.cuni.cz (8.14.5/8.14.5) with ESMTP id q68MiUch055967;
	Mon, 9 Jul 2012 00:44:31 +0200 (CEST) (envelope-from dan@obluda.cz)
Message-ID: <4FFA0D4E.3050507@obluda.cz>
Date: Mon, 09 Jul 2012 00:44:30 +0200
From: Dan Lukes <dan@obluda.cz>
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64;
	rv:12.0) Gecko/20120604 Firefox/12.0 SeaMonkey/2.9.1
MIME-Version: 1.0
To: freebsd-security@freebsd.org
References: <CA+QLa9B-Dm-=hQCrbEgyfO4sKZ5aG72_PEFF9nLhyoy4GRCGrA@mail.gmail.com>
	<4FF2E00E.2030502@FreeBSD.org> <86bojxow6x.fsf@ds4.des.no>
	<89AB703D-E075-4AAC-AC1B-B358CC4E4E7F@lists.zabbadoz.net>
	<4FF8C3A1.9080805@FreeBSD.org>
	<0AFE3C4A-22DB-4134-949F-4D05BBFC4C6C@lists.zabbadoz.net>
	<4FF8CA35.7040209@FreeBSD.org>
	<CA+tpaK1R1miXTJv8YJUMZWQcKFk7RPDePDBiCEMdWHZX=qksSQ@mail.gmail.com>
	<4FF952FB.10200@FreeBSD.org>
	<alpine.BSF.2.00.1207081130540.2035@wojtek.tensor.gdynia.pl>
	<4FF99C12.8070004@obluda.cz> <4FFA01D7.8090807@FreeBSD.org>
In-Reply-To: <4FFA01D7.8090807@FreeBSD.org>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Cc: FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject: Re: Replacing BIND with unbound (Was: Re: Pull in upstream before
 9.1 code freeze?)
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 08 Jul 2012 22:44:33 -0000

On 07/08/12 23:55, Doug Barton:
> On 07/08/2012 07:41, Dan Lukes wrote:
...
> Sorry, you're not understanding what is being proposed. Specifically
> you're confusing the system stub resolver (the bit that's compiled into
> libc, and used by binaries) and the resolving name server (BIND). No one
> is proposing to replace the stub.


libc stub resolver is BIND code based, so I assumed that arguments 
against BIND apply to it as well.

I'm happy it's not true.

In my humble opinion, no resolving name server need to be part of base 
at all. We have no DHCP, VPN, RADIUS, WWW, ... server in the base as well.


Thank you for clarifying.

Dan