1*00b67f09SDavid van MoolenbroekCopyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") 2*00b67f09SDavid van MoolenbroekCopyright (C) 2001 Internet Software Consortium. 3*00b67f09SDavid van MoolenbroekSee COPYRIGHT in the source root or http://isc.org/copyright.html for terms. 4*00b67f09SDavid van Moolenbroek 5*00b67f09SDavid van MoolenbroekId: rfc-compliance,v 1.4 2004/03/05 05:04:53 marka Exp 6*00b67f09SDavid van Moolenbroek 7*00b67f09SDavid van MoolenbroekBIND 9 is striving for strict compliance with IETF standards. We 8*00b67f09SDavid van Moolenbroekbelieve this release of BIND 9 complies with the following RFCs, with 9*00b67f09SDavid van Moolenbroekthe caveats and exceptions listed in the numbered notes below. Note 10*00b67f09SDavid van Moolenbroekthat a number of these RFCs do not have the status of Internet 11*00b67f09SDavid van Moolenbroekstandards but are proposed or draft standards, experimental RFCs, 12*00b67f09SDavid van Moolenbroekor Best Current Practice (BCP) documents. 13*00b67f09SDavid van Moolenbroek 14*00b67f09SDavid van Moolenbroek RFC1034 15*00b67f09SDavid van Moolenbroek RFC1035 [1] [2] 16*00b67f09SDavid van Moolenbroek RFC1123 17*00b67f09SDavid van Moolenbroek RFC1183 18*00b67f09SDavid van Moolenbroek RFC1535 19*00b67f09SDavid van Moolenbroek RFC1536 20*00b67f09SDavid van Moolenbroek RFC1706 21*00b67f09SDavid van Moolenbroek RFC1712 22*00b67f09SDavid van Moolenbroek RFC1750 23*00b67f09SDavid van Moolenbroek RFC1876 24*00b67f09SDavid van Moolenbroek RFC1982 25*00b67f09SDavid van Moolenbroek RFC1995 26*00b67f09SDavid van Moolenbroek RFC1996 27*00b67f09SDavid van Moolenbroek RFC2136 28*00b67f09SDavid van Moolenbroek RFC2163 29*00b67f09SDavid van Moolenbroek RFC2181 30*00b67f09SDavid van Moolenbroek RFC2230 31*00b67f09SDavid van Moolenbroek RFC2308 32*00b67f09SDavid van Moolenbroek RFC2535 [3] [4] 33*00b67f09SDavid van Moolenbroek RFC2536 34*00b67f09SDavid van Moolenbroek RFC2537 35*00b67f09SDavid van Moolenbroek RFC2538 36*00b67f09SDavid van Moolenbroek RFC2539 37*00b67f09SDavid van Moolenbroek RFC2671 38*00b67f09SDavid van Moolenbroek RFC2672 39*00b67f09SDavid van Moolenbroek RFC2673 40*00b67f09SDavid van Moolenbroek RFC2782 41*00b67f09SDavid van Moolenbroek RFC2915 42*00b67f09SDavid van Moolenbroek RFC2930 43*00b67f09SDavid van Moolenbroek RFC2931 [5] 44*00b67f09SDavid van Moolenbroek RFC3007 45*00b67f09SDavid van Moolenbroek 46*00b67f09SDavid van Moolenbroek 47*00b67f09SDavid van Moolenbroek[1] Queries to zones that have failed to load return SERVFAIL rather 48*00b67f09SDavid van Moolenbroekthan a non-authoritative response. This is considered a feature. 49*00b67f09SDavid van Moolenbroek 50*00b67f09SDavid van Moolenbroek[2] CLASS ANY queries are not supported. This is considered a feature. 51*00b67f09SDavid van Moolenbroek 52*00b67f09SDavid van Moolenbroek[3] Wildcard records are not supported in DNSSEC secure zones. 53*00b67f09SDavid van Moolenbroek 54*00b67f09SDavid van Moolenbroek[4] Servers authoritative for secure zones being resolved by BIND 9 55*00b67f09SDavid van Moolenbroekmust support EDNS0 (RFC2671), and must return all relevant SIGs and 56*00b67f09SDavid van MoolenbroekNXTs in responses rather than relying on the resolving server to 57*00b67f09SDavid van Moolenbroekperform separate queries for missing SIGs and NXTs. 58*00b67f09SDavid van Moolenbroek 59*00b67f09SDavid van Moolenbroek[5] When receiving a query signed with a SIG(0), the server will only 60*00b67f09SDavid van Moolenbroekbe able to verify the signature if it has the key in its local 61*00b67f09SDavid van Moolenbroekauthoritative data; it will not do recursion or validation to 62*00b67f09SDavid van Moolenbroekretrieve unknown keys. 63