CVE 25th Anniversary
On the long-term scale of human history, 25 years is nothing.
Read postEach quarter we like to profile one of our engineers, to acquaint our customers and users with some of the people they may interact with as they use our software.
This October is the 25th birthday of one of the Internet’s most notorious email addresses, dot@dotat.at. It belongs to Tony Finch, who joined ISC in March.
Tony has been a regular on the bind-users mailing list for many years,
and one of the most prolific external contributors to BIND. His first
change to the code was committed in 2011, adding line-editing support
to nsupdate
.
“My career has been about building and operating distributed systems using open source software,” says Tony. “I’ve been lucky to have interesting jobs where we pushed the software hard, and often needed to adapt the code so that it worked the way we needed. Sometimes that meant improving the documentation, sometimes fixing usability papercuts, sometimes adding features to the core request handling loop.”
An example is BIND’s minimal-any
feature, for which Tony is
mentioned in RFC 8482. “One of our secondary zones was the target of a
DNS reflection attack which caused severe problems for one of our DNS
servers. I hacked a quick-and-dirty minimal-any patch into production
to stop the attack early, then polished it up into something other
people can use to defend themselves too.”
Before joining ISC, Tony worked at the University of Cambridge. “My first task when I joined in 2002 was to build a spam filtering system using SpamAssassin, ClamAV, and Cambridge’s own mail software Exim. The mail servers had to run their own DNS resolvers to take the heavy load of all the mail domain and DNSBL checks.”
Cambridge University was an early adopter of DNSSEC. Tony’s colleague
Chris Thompson signed the University’s zones in 2009. “That renewed my
interest in the DNS, and soon I was signing my own zone dotat.at
and
running the latest BIND with DNSSEC validation enabled on the mail
servers. When Chris retired in 2014 I was the obvious person to take
over responsibility for the University’s DNS.”
ISC is a big change for Tony. “The University was bureaucratically reluctant to let me go to conferences, or spend any money for that matter. Even renewing domain names was a chore! To my surprise, before I officially started at ISC I was already booking a trip to Vienna for an IETF meeting.”
It is a change of scope too, moving from a broad operations role to more focussed software engineering. “One of my side projects for several years has been a data structure called a ‘qp-trie’, which is beautifully well-suited to be the core data structure of a DNS server. Knot DNS has used a qp-trie for years, and I hope I can adapt it to improve BIND too. BIND’s rbtdb is notoriously difficult, and my new team mates at ISC have high hopes that we can simplify it. It’s a fun challenge, and as one of the winners of the International Obfuscated C Code Competition I certainly know what kind of code to avoid at all costs.”
Tony lives in Cambridge with his wife Rachel, two children, and a lot of books. “Rachel and I first met at a Terry Pratchett fan convention, and we’re looking forward to WorldCon in Glasgow in 2024!”
You can find out more about Tony’s work on his blog, https://dotat.at/@/, and he is active on Twitter as @fanf.
Thank you for using ISC’s software and we hope you have enjoyed this peek behind the ISC curtain. We hope that sharing a little about us helps strengthen our connection to our customers. As always, we welcome your feedback at marketing@isc.org!
What's New from ISC