The four organizations who maintain your favorite open-source DNS software, ISC, CZ.NIC, PowerDNS and NLnet Labs, gave a lighting talk at @dnsoarc 46 about the avalanche of LLM-assisted security reports for their projects, and the effect it has on us and our users.

The last slide ends on a “Hug your OSS maintainer" note, but I think this is understating the gravity of this situation. I hope we put forward a stronger message during the repeat of this presentation at RIPE 92.

People need to consider that we are in a situation where developers with talent, purpose and experience have created something valuable for the internet community over the last 20+ years. They could have chosen to work at $MEGACORP for twice, three times the pay, but they chose to do something meaningful.

Now, the body of work they carefully designed and maintained over the last decades is being picked apart by an LLM. Yes, as a result the products become some definition of “more secure” but there is no reasonable prospect that this avalanche of reports will end. Ignoring them is not an option. Feature development has come to a halt.

As an employer, what am I supposed to tell my developers? Thanks for creating this amazing DNS software over the last 20 years, it looks like you’ll spend the next couple of years triaging and fixing bugs and coordinating CVEs with your peers.

How do we keep people motivated to do open source and even if we do, how do we keep this development model sustainable? We can’t pivot to the ‘agentic era’ just like that and even if we could, I think my colleagues do this job to create something amazing—artisanal if you will—not to to maximize output at all costs so shareholders get rich.

Practically though, encouraging organizations to purchase a support contract will certainly help on the short term, because:

- You will get access to world class support;
- You will get early security vulnerability notices under NDA, keeping your critical infrastructure safe from a whole new class of LLM fueled risks; and
- In the grand scheme of things, you will help keep this open source model sustainable so your favorite DNS software continues to exist and thrive.

#DNS #LoveDNS #LLM #FOSS #OpenSource #RIPE92

https://indico.dns-oarc.net/event/56/contributions/1233/

Automatic authenticated DNSSEC Bootstrapping in PowerDNS Authoritative

https://blog.powerdns.com/2026/05/12/automatic-authenticated-dnssec-bootstrapping-in-powerdns-authoritative-server

#dns #dnssec

Congrats! Your new job is: arguing with a bot. Multiple bots. And people outsourcing their brain to bots. But mostly bots.

Sometimes you have to social engineer the bots to do your bidding. Sometimes you have to pit the bots against each other. But make no mistake, it's arguing with the bots.

That, and email. And meetings.

How beauteous mankind is! O brave new world,
That has such people in't.