-
Marek Vavrusa authored
the validator module should ignore any data that will be scrubbed, that includes non-authoritative data outside current bailiwick. previously, validator attempted to ignore these records only for answer section and had a special case for NS records. cache: non-authoritative NS records are always unchecked and must be treated as insecure affected: www.iana.org trying to provide delegation information for CNAME target, which is moot with CNAME target explicit-fetch policy unless the the resolver already knows DNSKEY with which is could verify the records
78cb3f07