[GH-ISSUE #3248] This is beyond you and also probably against your own CoC #1162

New issue

Closed

opened 2026-03-16 01:46:27 +03:00 by kerem · 4 comments

kerem commented

2026-03-16 01:46:27 +03:00

Owner

Originally created by @oerdnj on GitHub (Sep 2, 2025).
Original GitHub issue: https://github.com/hickory-dns/hickory-dns/issues/3248

Why are you building another DNS server?

Because of all the security advisories out there for BIND.
Using Rust semantics it should be possible to develop a high performance and safe DNS Server that is more resilient to attacks.

I am pretty sure you do understand that most of the serious security advisories for BIND 9 and for most of the DNS servers are about the DNS state machine and DNS protocol itself and it is not about the language itself.

Also it is a very cheap take on the work of many developers who had worked in the past on BIND 9 and provided an open-source DNS server to the Internet community.

The people in the open-source DNS community are friendly and this is really close community of people who love and develop DNS. The competition among us exists, but it is in a friendly manner. So this is me, making a sad face, that this cheap take actually hurts.

Originally created by @oerdnj on GitHub (Sep 2, 2025). Original GitHub issue: https://github.com/hickory-dns/hickory-dns/issues/3248 > Why are you building another DNS server? > > Because of all the security advisories out there for BIND. > Using Rust semantics it should be possible to develop a high performance and safe DNS Server that is more resilient to attacks. I am pretty sure you do understand that most of the serious security advisories for BIND 9 and for most of the DNS servers are about the DNS state machine and DNS protocol itself and it is not about the language itself. Also it is a very cheap take on the work of many developers who had worked in the past on BIND 9 and provided an open-source DNS server to the Internet community. The people in the open-source DNS community are friendly and this is really close community of people who love and develop DNS. The competition among us exists, but it is in a friendly manner. So this is me, making a sad face, that this cheap take actually hurts.

kerem closed this issue

2026-03-16 01:46:32 +03:00

kerem commented

2026-03-16 01:46:39 +03:00

Author

Owner

@cpu commented on GitHub (Sep 2, 2025):

Thanks for opening an issue about this. I agree it's unnecessarily inflammatory and think we should remove it: https://github.com/hickory-dns/hickory-dns/pull/3249

I don't speak for the project, but I'm personally sorry that it was there to begin with and that it hurt to read. Apologies.

@cpu commented on GitHub (Sep 2, 2025): Thanks for opening an issue about this. I agree it's unnecessarily inflammatory and think we should remove it: https://github.com/hickory-dns/hickory-dns/pull/3249 I don't speak for the project, but I'm personally sorry that it was there to begin with and that it hurt to read. Apologies.

kerem commented

2026-03-16 01:46:44 +03:00

Author

Owner

@bluejekyll commented on GitHub (Sep 2, 2025):

This was intended more as a comment about the general state of the C language, and not specifically about projects. BIND is of course foundational to DNS itself, and I’ve always held it with great esteem for everything it’s accomplished. I wrote that as the primary reason for the founding of the project from my own perspective. The fact that Hickory is written in Rust is one of its primary benefits, fwiw.

@bluejekyll commented on GitHub (Sep 2, 2025): This was intended more as a comment about the general state of the C language, and not specifically about projects. BIND is of course foundational to DNS itself, and I’ve always held it with great esteem for everything it’s accomplished. I wrote that as the primary reason for the founding of the project from my own perspective. The fact that Hickory is written in Rust is one of its primary benefits, fwiw.

kerem commented

2026-03-16 01:46:49 +03:00

Author

Owner

@oerdnj commented on GitHub (Sep 2, 2025):

Thank you for the responsiveness and understanding. I will hold a little grudge for a little longer, but it will quickly pass ;). When you have a fully functioning DNSSEC-validating resolver and possibly(1), shit hits the fan, talk to us (as in the other open-source DNS developers - we do hang out on the DNS-OARC Mattermost channel, or come to DNS-OARC meeting, RIPE meeting or possibly the IETF).

It will, the DNS protocol itself is crazy.

@oerdnj commented on GitHub (Sep 2, 2025): Thank you for the responsiveness and understanding. I will hold a little grudge for a little longer, but it will quickly pass ;). When you have a fully functioning DNSSEC-validating resolver and possibly(1), shit hits the fan, talk to us (as in the other open-source DNS developers - we do hang out on the DNS-OARC Mattermost channel, or come to DNS-OARC meeting, RIPE meeting or possibly the IETF). 1. It will, the DNS protocol itself is crazy.

kerem commented

2026-03-16 01:46:54 +03:00

Author

Owner

@vrisk commented on GitHub (Sep 2, 2025):

Thank you guys for changing this. I also have seen this cheap criticism of BIND everywhere I have read about Hickory, and it has given me a bad impression of the team and your attitude towards other open source projects. I am sorry I didn't think to as you to change it sooner, because I had, honestly, just written you off as (bad word). Anyway, I see you were happy to change it, so thank you.

@vrisk commented on GitHub (Sep 2, 2025): Thank you guys for changing this. I also have seen this cheap criticism of BIND everywhere I have read about Hickory, and it has given me a bad impression of the team and your attitude towards other open source projects. I am sorry I didn't think to as you to change it sooner, because I had, honestly, just written you off as (bad word). Anyway, I see you were happy to change it, so thank you.

kerem referenced this issue

2026-03-16 04:57:49 +03:00

[PR #1162] [CLOSED] Bump tokio-rustls from 0.13.1 to 0.14.0 #2033