Re: Federal Government Interest in your patch progress

[chuck goolsbee <chucklist () forest net>]

> > The question is how can we as an interdependent industry close the
> > gaps of the "Bubba" SPs and their software upgrade policies?

The depends upon your definition of a "Bubba SP" I guess. Does that 
mean small? If so we might qualify.

Or does "Bubba" mean not listening to lists like this?


> >         That being said, is there anyone keeping metrics of what upgrades
> >  have been done so far?

Like everyone else (I hope!) we're tracking progress in *our* 
network. The hard part, besides flogging reluctant server owners, is 
that some OS' are still lacking in "official" patches.

Apple for example. Not a peep from them, and as you would expect 
those server owners are not the sort to install anything unless it 
shows up in their Software Update app. Has anyone heard any ETA on a 
patch from Cupertino? Short of unplugging customers there's not much 
we can do with those... except wait.


> OARC is
> also coordinating a notification effort in conjunction with lawrence baldwin
> of MyNetWatchman.

We've seen those at our "abuse@" account, and they are helpful. Keep 
sending them. If we qualify as "bubba" that works.

> > Personally, I see this event as major driver for deploying dnssec.

Agreed. Patching is just a band-aid and this really needs to be an amputation.


--chuck

"On any given day, there's always something broken somewhere.
In DNS, there's always something broken everywhere."
                   --Paul Vixie  @ 4:20 PM 3/31/07, on NANOG