updates aren't on by default, and according to rfc 2136 dns updates are not
recommended except from "localhost" which is assumed to be secure. (though
i wish that more system vendors would disallow source-address 127.0.0.1 from
coming in off the network.) for this reason we have not published a patch
to bind-8.1.1. i expect that we will put bind-8.1.2 into beta testing in a
few weeks. (note that we still won't have support for rfc 2137 or TSIG; if
any system vendors would like to fund that effort, we'd love to work on it.)
mountain. molehill.