From 604f8e7797ce82cc247a12d12da70a1fe55d15a0 Mon Sep 17 00:00:00 2001 From: Matthijs Mekking Date: Mon, 15 Jan 2024 09:17:01 +0100 Subject: [PATCH 1/2] Improve parental-agents definition in ARM "A parental agent is the entity that is allowed to change a zone's delegation information" is untrue, because it is possible to use some hidden server or a validating resolver. Also the new text makes it more clear that named sends DS queries to these servers. --- doc/arm/reference.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index 3ebcfc82a5..5949ec14bd 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -1060,10 +1060,10 @@ responses such as NXDOMAIN. :any:`parental-agents` Block Definition and Usage ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -:any:`parental-agents` lists allow for a common set of parental agents to be easily -used by multiple primary and secondary zones. -A parental agent is the entity that is allowed to -change a zone's delegation information (defined in :rfc:`7344`). +:any:`parental-agents` lists allow for a common set of parental agents to be +easily used by multiple primary and secondary zones. A "parental agent" is a +trusted DNS server that is queried to check if DS records for a given zones +are up-to-date. :any:`primaries` Block Grammar ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From ab9c62f4b9f09580632ed23650cbf5993d1430b6 Mon Sep 17 00:00:00 2001 From: Matthijs Mekking Date: Mon, 15 Jan 2024 09:19:28 +0100 Subject: [PATCH 2/2] Add CHANGES for #4531 Improve ARM parental-agents definition. --- CHANGES | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGES b/CHANGES index 4568845a5b..b9e4a349c5 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,5 @@ +6334. [doc] Improve ARM parental-agents definition. [GL #4531] + 6333. [bug] Fix the DNS_GETDB_STALEFIRST flag, which was defined incorrectly in lib/ns/query.c. [GL !8683]