From 1cb5d53b09cded8298285fdcdcc6a261f2b47afb Mon Sep 17 00:00:00 2001
From: Brian Wellington <source@isc.org>
Date: Sat, 29 Jul 2000 00:24:06 +0000
Subject: [PATCH] reflect the current state of the CD bit, and fix a typo

---
 doc/misc/dnssec | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/doc/misc/dnssec b/doc/misc/dnssec
index 8f33c98f68..b28d1af942 100644
--- a/doc/misc/dnssec
+++ b/doc/misc/dnssec
@@ -15,7 +15,7 @@ in doc/arm/Bv9ARM.4.html and the man pages.
 
 The random data used in generating DNSSEC keys and signatures comes from
 either /dev/random (if the OS supports it) or keyboard input.  Alternatively,
-the a device or file containing entropy/random data can be specified.
+a device or file containing entropy/random data can be specified.
 
 
 Serving secure zones
@@ -54,9 +54,8 @@ secured zones delegated from secure zones will not work in all cases,
 such as when the privately secured zone is served by the same server
 as an ancestor (but not parent) zone.
 
-Handling of the CD bit in queries is not yet fully implemented;
-validation is currently attempted for all recursive queries, even if
-CD is set.
+Handling of the CD bit in queries is now fully implemented.  Validation
+is not attempted for recursive queries if CD is set.
 
 
 Secure dynamic update
@@ -67,4 +66,4 @@ an update occurs.  Advanced access control is possible using the
 "update-policy" statement in the zone definition.
 
 
-$Id: dnssec,v 1.6 2000/07/14 00:03:54 bwelling Exp $
+$Id: dnssec,v 1.7 2000/07/29 00:24:06 bwelling Exp $