Subject: Re: Fwd: Re: Microsoft: Closed source is more secure
From: Ian Lance Taylor <ian@airs.com>
Date: 03 May 2001 09:04:28 -0700

Lynn Winebarger <owinebar@free-expression.org> writes:

> On Thursday 26 April 2001 06:02, Norbert Bollow wrote:
> > Werner Koch <wk@gnupg.org> wrote:
> > > Responsible admins don't use wu-ftp or other programs with a large
> > > record of security pitfalls.  Well, Bind is a problem because there
> > > is no other conforming and usable alternative available.
> >
> > What is the problem with djbdns (apart from the fact that it is
> > not Free Software)?
> 
> (a) personality of the author as seen in Internet postings (usenet/web pages)
> (b) poor documentation, if qmail is any indicator
> (c) odd way of writing source code, if qmail is any indicator
> (d) odd build process, if qmail is any indicator
> (e) odd license and infrequent updates to official source (if qmail ....),
>  which exacerbate the effects of b,c, and d.   

None of these say that djbdns is non-conforming or non-usable.  The
problem to be addressed is bind.  If there were a better alternative,
we could use that.  But, as far as I know, there is only djbdns, which
does work, and is secure.  (I use it myself, and I've read the
code--once adjusted to the style, it's a heck of lot easier to read
than the bind code.)

I will note that your points (a), (c), and (d) seem irrelevant, and
that I disagree with your feelings on (b).  I agree that (e) is a
problem.  With respect to the interaction of (e) and (b), I note that
the documentation is on the web, and is updated rather more frequently
than the code.

Ian