/contrib/bind9/doc/misc/rfc-compliance
https://bitbucket.org/freebsd/freebsd-head/ · #! · 62 lines · 53 code · 9 blank · 0 comment · 0 complexity · 9379fd42fb3b3a5653ffb5191e6f8656 MD5 · raw file
- Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC")
- Copyright (C) 2001 Internet Software Consortium.
- See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
- $Id: rfc-compliance,v 1.4 2004/03/05 05:04:53 marka Exp $
- BIND 9 is striving for strict compliance with IETF standards. We
- believe this release of BIND 9 complies with the following RFCs, with
- the caveats and exceptions listed in the numbered notes below. Note
- that a number of these RFCs do not have the status of Internet
- standards but are proposed or draft standards, experimental RFCs,
- or Best Current Practice (BCP) documents.
- RFC1034
- RFC1035 [1] [2]
- RFC1123
- RFC1183
- RFC1535
- RFC1536
- RFC1706
- RFC1712
- RFC1750
- RFC1876
- RFC1982
- RFC1995
- RFC1996
- RFC2136
- RFC2163
- RFC2181
- RFC2230
- RFC2308
- RFC2535 [3] [4]
- RFC2536
- RFC2537
- RFC2538
- RFC2539
- RFC2671
- RFC2672
- RFC2673
- RFC2782
- RFC2915
- RFC2930
- RFC2931 [5]
- RFC3007
- [1] Queries to zones that have failed to load return SERVFAIL rather
- than a non-authoritative response. This is considered a feature.
- [2] CLASS ANY queries are not supported. This is considered a feature.
- [3] Wildcard records are not supported in DNSSEC secure zones.
- [4] Servers authoritative for secure zones being resolved by BIND 9
- must support EDNS0 (RFC2671), and must return all relevant SIGs and
- NXTs in responses rather than relying on the resolving server to
- perform separate queries for missing SIGs and NXTs.
- [5] When receiving a query signed with a SIG(0), the server will only
- be able to verify the signature if it has the key in its local
- authoritative data; it will not do recursion or validation to
- retrieve unknown keys.