1Copyright (C) 2004 Internet Systems Consortium, Inc. ("ISC") 2Copyright (C) 2001 Internet Software Consortium. 3See COPYRIGHT in the source root or http://isc.org/copyright.html for terms. 4 5Id: rfc-compliance,v 1.4 2004/03/05 05:04:53 marka Exp 6 7BIND 9 is striving for strict compliance with IETF standards. We 8believe this release of BIND 9 complies with the following RFCs, with 9the caveats and exceptions listed in the numbered notes below. Note 10that a number of these RFCs do not have the status of Internet 11standards but are proposed or draft standards, experimental RFCs, 12or Best Current Practice (BCP) documents. 13 14 RFC1034 15 RFC1035 [1] [2] 16 RFC1123 17 RFC1183 18 RFC1535 19 RFC1536 20 RFC1706 21 RFC1712 22 RFC1750 23 RFC1876 24 RFC1982 25 RFC1995 26 RFC1996 27 RFC2136 28 RFC2163 29 RFC2181 30 RFC2230 31 RFC2308 32 RFC2535 [3] [4] 33 RFC2536 34 RFC2537 35 RFC2538 36 RFC2539 37 RFC2671 38 RFC2672 39 RFC2673 40 RFC2782 41 RFC2915 42 RFC2930 43 RFC2931 [5] 44 RFC3007 45 46 47[1] Queries to zones that have failed to load return SERVFAIL rather 48than a non-authoritative response. This is considered a feature. 49 50[2] CLASS ANY queries are not supported. This is considered a feature. 51 52[3] Wildcard records are not supported in DNSSEC secure zones. 53 54[4] Servers authoritative for secure zones being resolved by BIND 9 55must support EDNS0 (RFC2671), and must return all relevant SIGs and 56NXTs in responses rather than relying on the resolving server to 57perform separate queries for missing SIGs and NXTs. 58 59[5] When receiving a query signed with a SIG(0), the server will only 60be able to verify the signature if it has the key in its local 61authoritative data; it will not do recursion or validation to 62retrieve unknown keys. 63