Slashdot Mirror


How Free is BIND 8.2?

Bun writes "It looks like one of the foundations of the Internet may no longer be truly "Open Source". Apparently, the license restrictions on BIND 8.2 do not meet the Debian Free Software Guidelines (DFSG). Check out the Linux Weekly News for details."

5 of 86 comments

  1. Non-DFSG == non-open-source, pretty much. by Paul Crowley · · Score: 4

    The Open Source Definition is pretty much the same as the Debian Free Software Guidelines, both by Bruce Perens, so if it doesn't meet the standards of one it won't meet the standards of the other. However I'm sure it'll soon meet both. And widespread use of DNSsec would be an *excellent* thing.

  2. So what if you can't split the code? by Decibel · · Score: 4

    As I understand it, the problem here is that you can't separate the RSA code from the rest of the BIND code and redistribute it; you can only use it with BIND.

    So what?

    Is it so horrible that a company is giving away something that they developed, but that they don't want people spreading it around other than for the purpose they envisioned it for? They don't even say that you can't modify it, only that they retain the rights to incorporate your modifications.

    RSA's solution works, and it is free to use, even if it's not as free as some would like. I fully support open source and free software, but I also respect that some people or companies want to retain some forms of control.

    Is this a special case because it involved a piece of software that is crucial to the operation of the internet? I don't know. If it becomes a real issue in the future, then a solution can be found, but it seems that people are only making a stink about it right now because it's not 100% absolutely, completely free for everyone to use however they want. In other words, open source zealotry.

    I'm sorry if I sound negative about this, but I get frustrated when people get upset about a piece of free software because it's not licensed exactly the way they want. To quote an American expression, 'Why look a gift horse in the mouth?'

    Instead of trying to re-invent something that works and is free to use, why not just move on and tackle other issues?

  3. Debian scrapes at old wound, might get some action by anticypher · · Score: 4

    When RSA asked if their code could become the de-facto standard for protecting AXFR and IXFR transfers in Bind 8, they were told they would have to offer up a completely free version with "no restrictions whatsoever", including export restrictions from the U.S. and no EULAs or patent/copyright problems. See comp.protocols.domains.* in dejanews for a long history of the discussion.

    There was a lot of talk at the time about whether the RSA code was truly free. General opinion was that it was not, but people have been using the code and just shrugging it off. Others preferred PGP or similar variations, but the strong crypto meant the ISC couldn't make the source available for free anonymous download. But the majority of voices wanted only one standard, since this stuff is pretty complex and having to support PGP/RSA/BlowFish/Joe'sXORhack would have been a nightmare.

    Now I expect some clients to start asking me about this, since I tend to put the latest Bind in every project I build. Seems that every client site I've been on, the techies all start reading slashdot :-) and following the issues.

    the AC

    --
    Hemos is like...sci-fi fans; he thinks technology is cool, but he hasn't bothered to understand the science it's based on

  4. Being worked out. by Razron · · Score: 5

    The problems are being worked out.

    The reason it is going to have problems is because they are adding RSA into the newer version to allow security transfers of zone files.

    They are trying to add an option to have no RSA as a build option.

  5. Re:Diffie Hellman by disappear · · Score: 5

    > Why didn't the BIND folks use Diffie-Hellman
    > instead? Couldn't this section of BIND be
    > rewritten to use Diffie-Hellman?

    Well, it could be, but D-H is broken. (See Schneier's _Applied_Cryptography_ for details.) The D-H patents only mattered (until they expired) because they applied to all future, better ways of doing the same thing. (Because that's what patents protect.)

    > How is it that you are allowed to export the
    > source code for RSA as long as you intend to use
    > it for authentication?

    Because that's the law. (Well, Federal Regulation, actually, but enforced as law.) Encryption code used only for authentication and not actually for encryption (i.e., digital signature-only stuff) is 100% exportable. (Read Schneier for more, again.)

    Of course (not that there's really any 'of course' about it), you can pretty much turn any digital signature software into data encryption. So it really doesn't make much difference.


    > Can I export a cruise missile to Libya as long as
    > it's intended to be used as a lawn ornament?

    Depends how much the Libyans contribute to the next presidential campaign. (Hey, it worked for the Chinese!)