Originally posted by uuallan
AFAIK, djbdns does not respond to the version.bind query.
I don't want to sound like I am bashing djbdns, because I think it is a great program.
Unless they have patched djbdns to mimick BIND for some reason, you are correct. I have a couple of private emails from the Lycos guys here somewhere, I'll see if I can find anything interesting.
I was also not trying to compare the volume of hits on these large sites with what the root servers take, but to simply point out that in all the benchmarks I've seen, djbdns outperforms BIND significantly - and runs very well on very little hardware, unlike BIND, which is very unstable at high volumes and requires mamoth hardware to support it.
Since BIND has obviously been working in it's role at Verisign, why would you start over from scratch if what you were really looking for was a more secure implementation of DNS for your root services.
I think that this quote is the more telling from their announcement
Next year it will support not only DNS lookups but also emerging protocols such as Session Initiation Protocol and Signaling Series 7 for Internet telephone calls
It appears to me that Verisign are more concerned about offering future services for $$ than they are trying to ...fix a DNS environment that is too homogeneous.
Don't get me wrong, I'm not against capitalisim - I just think that the root servers are at much higher risk if they are running proprietary software from Verisign in support of emerging technologies, than if they are running anything that's open source and has a large installed base - even buggy old BIND...