Copyright (C) 2001 Internet Software Consortium.
BIND 9 is striving for strict compliance with IETF standards. We
believe this release of BIND 9 complies with the following RFCs, with
the caveats and exceptions listed in the numbered notes below. Note
that a number of these RFCs do not have the status of Internet
standards but are proposed or draft standards, experimental RFCs,
or Best Current Practice (BCP) documents. The list is non exhaustive.
The following DNS related RFC have been obsoleted
RFC2537 (Obsoleted by 3110)
RFC3152 (Obsoleted by 3596)
[1] Queries to zones that have failed to load return SERVFAIL rather
than a non-authoritative response. This is considered a feature.
[2] CLASS ANY queries are not supported. This is considered a feature.
[3] Wildcard records are not supported in DNSSEC secure zones.
[4] Servers authoritative for secure zones being resolved by BIND 9
must support EDNS0 (RFC2671), and must return all relevant SIGs and
NXTs in responses rather than relying on the resolving server to
perform separate queries for missing SIGs and NXTs.
[5] When receiving a query signed with a SIG(0), the server will only
be able to verify the signature if it has the key in its local
authoritative data; it will not do recursion or validation to
[6] Section 4 is ignored.
[7] Requires --with-idn to enable entry of IDN labels within dig,
host and nslookup at compile time. ACE labels are supported
everywhere with or without --with-idn.