Hello, In line with ISC's deprecation policy, I am notifying the mailing list of our intent to remove support for Response-Policy Server support.
Back in 2018, Farsight Security[1] contributed a patch to BIND that was an optional replacement to our native RPZ implementation. At that time, our RPZ implementation wasn’t scaling very well, and we accepted the patch. This patch, however, only worked with Farsight’s own RPZ service, so its utility is limited to Farsight customers. We do not think this patch really belongs in open source BIND 9 version. Removing the feature that has limited user-base will allow us to improve the RPZ (Response-Policy Zones) feature that's native to BIND 9 and available to all BIND 9 users. The feature is called DNSRPS, or the Response Policy Server. Farsight called it “FastRPZ”, but in the ARM it is called the Response Policy Server[2]. The support for DNSRPS/FastRPZ will be deprecated as of BIND 9.20 and removed in BIND 9.21/9.22. 1. Since then Farsight Security has been acquired by DomainTools. 2. https://bind9.readthedocs.io/en/latest/reference.html#namedconf-statement-dnsrps-enable. Cheers, -- Ondřej Surý (He/Him) ond...@isc.org My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours. -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
