Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 11 Dec 2009 02:32:53 +0000 (UTC)
From:      Doug Barton <dougb@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-6@freebsd.org
Subject:   svn commit: r200394 - stable/6/etc/namedb
Message-ID:  <200912110232.nBB2WrRO083505@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: dougb
Date: Fri Dec 11 02:32:53 2009
New Revision: 200394
URL: http://svn.freebsd.org/changeset/base/200394

Log:
  Add a big honkin' warning about not using DNSSEC with this version
  of BIND. Also point out that it's EOL and give suggestions on upgrading.

Modified:
  stable/6/etc/namedb/named.conf

Modified: stable/6/etc/namedb/named.conf
==============================================================================
--- stable/6/etc/namedb/named.conf	Fri Dec 11 02:23:04 2009	(r200393)
+++ stable/6/etc/namedb/named.conf	Fri Dec 11 02:32:53 2009	(r200394)
@@ -8,6 +8,28 @@
 // simple mistakes, you can break connectivity for affected parties,
 // or cause huge amounts of useless Internet traffic.
 
+/*
+*************************************************************************
+*           _  _____ _____ _____ _   _ _____ ___ ___  _   _ 		*
+*	   / \|_   _|_   _| ____| \ | |_   _|_ _/ _ \| \ | |		*
+*	  / _ \ | |   | | |  _| |  \| | | |  | | | | |  \| |		*
+*	 / ___ \| |   | | | |___| |\  | | |  | | |_| | |\  |		*
+*	/_/   \_\_|   |_| |_____|_| \_| |_| |___\___/|_| \_|		*
+*									*
+*************************************************************************
+
+The version of BIND in the RELENG_6 branch (FreeBSD 6.x) is NOT suitable
+for use with DNSSEC, either as a validating resolver or an authoritative
+name server.  If you plan to use DNSSEC for any purpose you should use a
+newer version of BIND, preferably version 9.6.x or higher.
+
+Additionally, this version of BIND (9.3.x) is beyond its End Of Life (EOL)
+date and is no longer supported by ISC.
+
+Newer versions are available in the ports tree (e.g., /usr/ports/dns/bind96)
+or by upgrading your FreeBSD installation to version 8.0 or higher.
+*/
+
 options {
 	// Relative to the chroot directory, if any
 	directory	"/etc/namedb";

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200912110232.nBB2WrRO083505>