regen master

2025-09-03 16:15:27 +00:00 · 2012-06-26 01:04:21 +00:00
parent 7d648d0d3a
commit c3dc968140
25 changed files with 218 additions and 212 deletions
--- a/doc/arm/Bv9ARM.ch04.html
+++ b/doc/arm/Bv9ARM.ch04.html
@@ -70,33 +70,33 @@
 </dl></dd>
 <dt><span class="sect1"><a href="Bv9ARM.ch04.html#dnssec.dynamic.zones">DNSSEC, Dynamic Zones, and Automatic Signing</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608908">Converting from insecure to secure</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608916">Converting from insecure to secure</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608946">Dynamic DNS update method</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563556">Dynamic DNS update method</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563585">Fully automatic zone signing</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563592">Fully automatic zone signing</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563756">Private-type records</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563764">Private-type records</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563794">DNSKEY rollovers</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563801">DNSKEY rollovers</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563806">Dynamic DNS update method</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563814">Dynamic DNS update method</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563908">Automatic key rollovers</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563915">Automatic key rollovers</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563934">NSEC3PARAM rollovers via UPDATE</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563942">NSEC3PARAM rollovers via UPDATE</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563944">Converting from NSEC to NSEC3</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563952">Converting from NSEC to NSEC3</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563954">Converting from NSEC3 to NSEC</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582666">Converting from NSEC3 to NSEC</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582672">Converting from secure to insecure</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582679">Converting from secure to insecure</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582709">Periodic re-signing</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582716">Periodic re-signing</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582718">NSEC3 and OPTOUT</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582726">NSEC3 and OPTOUT</a></span></dt>
 </dl></dd>
 <dt><span class="sect1"><a href="Bv9ARM.ch04.html#rfc5011.support">Dynamic Trust Anchor Management</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608352">Validating Resolver</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608359">Validating Resolver</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608374">Authoritative Server</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608381">Authoritative Server</a></span></dt>
 </dl></dd>
 <dt><span class="sect1"><a href="Bv9ARM.ch04.html#pkcs11">PKCS #11 (Cryptoki) support</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608546">Prerequisites</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2653336">Prerequisites</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2609594">Building BIND 9 with PKCS#11</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2609533">Building BIND 9 with PKCS#11</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636138">PKCS #11 Tools</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636146">PKCS #11 Tools</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636169">Using the HSM</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636177">Using the HSM</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636368">Specifying the engine on the command line</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636375">Specifying the engine on the command line</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636413">Running named with automatic zone re-signing</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636421">Running named with automatic zone re-signing</a></span></dt>
 </dl></dd>
 <dt><span class="sect1"><a href="Bv9ARM.ch04.html#id2572696">IPv6 Support in <acronym class="acronym">BIND</acronym> 9</a></span></dt>
 <dd><dl>
@@ -1065,7 +1065,7 @@ options {
  from insecure to signed and back again. A secure zone can use
  either NSEC or NSEC3 chains.</p>
 <div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title">
-<a name="id2608908"></a>Converting from insecure to secure</h3></div></div></div></div>
+<a name="id2608916"></a>Converting from insecure to secure</h3></div></div></div></div>
 <p>Changing a zone from insecure to secure can be done in two
  ways: using a dynamic DNS update, or the 
  <span><strong class="command">auto-dnssec</strong></span> zone option.</p>
@@ -1091,7 +1091,7 @@ options {
  well. An NSEC chain will be generated as part of the initial
  signing process.</p>
 <div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title">
-<a name="id2608946"></a>Dynamic DNS update method</h3></div></div></div></div>
+<a name="id2563556"></a>Dynamic DNS update method</h3></div></div></div></div>
 <p>To insert the keys via dynamic update:</p>
 <pre class="screen">
        % nsupdate
@@ -1127,7 +1127,7 @@ options {
 <p>While the initial signing and NSEC/NSEC3 chain generation
  is happening, other updates are possible as well.</p>
 <div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title">
-<a name="id2563585"></a>Fully automatic zone signing</h3></div></div></div></div>
+<a name="id2563592"></a>Fully automatic zone signing</h3></div></div></div></div>
 <p>To enable automatic signing, add the 
  <span><strong class="command">auto-dnssec</strong></span> option to the zone statement in 
  <code class="filename">named.conf</code>. 
@@ -1183,7 +1183,7 @@ options {
  configuration. If this has not been done, the configuration will
  fail.</p>
 <div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title">
-<a name="id2563756"></a>Private-type records</h3></div></div></div></div>
+<a name="id2563764"></a>Private-type records</h3></div></div></div></div>
 <p>The state of the signing process is signaled by
  private-type records (with a default type value of 65534). When
  signing is complete, these records will have a nonzero value for
@@ -1224,12 +1224,12 @@ options {
 <p>
  </p>
 <div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title">
-<a name="id2563794"></a>DNSKEY rollovers</h3></div></div></div></div>
+<a name="id2563801"></a>DNSKEY rollovers</h3></div></div></div></div>
 <p>As with insecure-to-secure conversions, rolling DNSSEC
  keys can be done in two ways: using a dynamic DNS update, or the 
  <span><strong class="command">auto-dnssec</strong></span> zone option.</p>
 <div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title">
-<a name="id2563806"></a>Dynamic DNS update method</h3></div></div></div></div>
+<a name="id2563814"></a>Dynamic DNS update method</h3></div></div></div></div>
 <p> To perform key rollovers via dynamic update, you need to add
  the <code class="filename">K*</code> files for the new keys so that 
  <span><strong class="command">named</strong></span> can find them. You can then add the new
@@ -1251,7 +1251,7 @@ options {
  <span><strong class="command">named</strong></span> will clean out any signatures generated
  by the old key after the update completes.</p>
 <div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title">
-<a name="id2563908"></a>Automatic key rollovers</h3></div></div></div></div>
+<a name="id2563915"></a>Automatic key rollovers</h3></div></div></div></div>
 <p>When a new key reaches its activation date (as set by
  <span><strong class="command">dnssec-keygen</strong></span> or <span><strong class="command">dnssec-settime</strong></span>),
  if the <span><strong class="command">auto-dnssec</strong></span> zone option is set to 
@@ -1266,27 +1266,27 @@ options {
  completes in 30 days, after which it will be safe to remove the
  old key from the DNSKEY RRset.</p>
 <div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title">
-<a name="id2563934"></a>NSEC3PARAM rollovers via UPDATE</h3></div></div></div></div>
+<a name="id2563942"></a>NSEC3PARAM rollovers via UPDATE</h3></div></div></div></div>
 <p>Add the new NSEC3PARAM record via dynamic update. When the
  new NSEC3 chain has been generated, the NSEC3PARAM flag field
  will be zero. At this point you can remove the old NSEC3PARAM
  record. The old chain will be removed after the update request
  completes.</p>
 <div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title">
-<a name="id2563944"></a>Converting from NSEC to NSEC3</h3></div></div></div></div>
+<a name="id2563952"></a>Converting from NSEC to NSEC3</h3></div></div></div></div>
 <p>To do this, you just need to add an NSEC3PARAM record. When
  the conversion is complete, the NSEC chain will have been removed
  and the NSEC3PARAM record will have a zero flag field. The NSEC3
  chain will be generated before the NSEC chain is
  destroyed.</p>
 <div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title">
-<a name="id2563954"></a>Converting from NSEC3 to NSEC</h3></div></div></div></div>
+<a name="id2582666"></a>Converting from NSEC3 to NSEC</h3></div></div></div></div>
 <p>To do this, use <span><strong class="command">nsupdate</strong></span> to
  remove all NSEC3PARAM records with a zero flag
  field. The NSEC chain will be generated before the NSEC3 chain is
  removed.</p>
 <div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title">
-<a name="id2582672"></a>Converting from secure to insecure</h3></div></div></div></div>
+<a name="id2582679"></a>Converting from secure to insecure</h3></div></div></div></div>
 <p>To convert a signed zone to unsigned using dynamic DNS,
  delete all the DNSKEY records from the zone apex using
  <span><strong class="command">nsupdate</strong></span>. All signatures, NSEC or NSEC3 chains,
@@ -1301,14 +1301,14 @@ options {
  <span><strong class="command">allow</strong></span> instead (or it will re-sign).
  </p>
 <div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title">
-<a name="id2582709"></a>Periodic re-signing</h3></div></div></div></div>
+<a name="id2582716"></a>Periodic re-signing</h3></div></div></div></div>
 <p>In any secure zone which supports dynamic updates, named
  will periodically re-sign RRsets which have not been re-signed as
  a result of some update action. The signature lifetimes will be
  adjusted so as to spread the re-sign load over time rather than
  all at once.</p>
 <div class="sect2" lang="en"><div class="titlepage"><div><div><h3 class="title">
-<a name="id2582718"></a>NSEC3 and OPTOUT</h3></div></div></div></div>
+<a name="id2582726"></a>NSEC3 and OPTOUT</h3></div></div></div></div>
 <p>
  <span><strong class="command">named</strong></span> only supports creating new NSEC3 chains
  where all the NSEC3 records in the zone have the same OPTOUT
@@ -1330,7 +1330,7 @@ options {
  configuration files.</p>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2608352"></a>Validating Resolver</h3></div></div></div>
+<a name="id2608359"></a>Validating Resolver</h3></div></div></div>
 <p>To configure a validating resolver to use RFC 5011 to
    maintain a trust anchor, configure the trust anchor using a 
    <span><strong class="command">managed-keys</strong></span> statement. Information about
@@ -1341,7 +1341,7 @@ options {
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2608374"></a>Authoritative Server</h3></div></div></div>
+<a name="id2608381"></a>Authoritative Server</h3></div></div></div>
 <p>To set up an authoritative zone for RFC 5011 trust anchor
    maintenance, generate two (or more) key signing keys (KSKs) for
    the zone. Sign the zone with one of them; this is the "active"
@@ -1415,7 +1415,7 @@ $ <strong class="userinput"><code>dnssec-signzone -S -K keys example.net</code><
  Debian Linux, Solaris x86 and Windows Server 2003.</p>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2608546"></a>Prerequisites</h3></div></div></div>
+<a name="id2653336"></a>Prerequisites</h3></div></div></div>
 <p>See the HSM vendor documentation for information about
    installing, initializing, testing and troubleshooting the
    HSM.</p>
@@ -1492,7 +1492,7 @@ $ <strong class="userinput"><code>patch -p1 -d openssl-0.9.8s \
    when we configure BIND 9.</p>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2609188"></a>Building OpenSSL for the AEP Keyper on Linux</h4></div></div></div>
+<a name="id2609127"></a>Building OpenSSL for the AEP Keyper on Linux</h4></div></div></div>
 <p>The AEP Keyper is a highly secure key storage device,
      but does not provide hardware cryptographic acceleration. It
      can carry out cryptographic operations, but it is probably
@@ -1524,7 +1524,7 @@ $ <strong class="userinput"><code>./Configure linux-generic32 -m32 -pthread \
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2609257"></a>Building OpenSSL for the SCA 6000 on Solaris</h4></div></div></div>
+<a name="id2609196"></a>Building OpenSSL for the SCA 6000 on Solaris</h4></div></div></div>
 <p>The SCA-6000 PKCS #11 provider is installed as a system
      library, libpkcs11. It is a true crypto accelerator, up to 4
      times faster than any CPU, so the flavor shall be
@@ -1546,7 +1546,7 @@ $ <strong class="userinput"><code>./Configure solaris64-x86_64-cc \
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2609306"></a>Building OpenSSL for SoftHSM</h4></div></div></div>
+<a name="id2609245"></a>Building OpenSSL for SoftHSM</h4></div></div></div>
 <p>SoftHSM is a software library provided by the OpenDNSSEC
      project (http://www.opendnssec.org) which provides a PKCS#11
      interface to a virtual HSM, implemented in the form of encrypted
@@ -1606,12 +1606,12 @@ $ <strong class="userinput"><code>./Configure linux-x86_64 -pthread \
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2609594"></a>Building BIND 9 with PKCS#11</h3></div></div></div>
+<a name="id2609533"></a>Building BIND 9 with PKCS#11</h3></div></div></div>
 <p>When building BIND 9, the location of the custom-built
    OpenSSL library must be specified via configure.</p>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2609603"></a>Configuring BIND 9 for Linux with the AEP Keyper</h4></div></div></div>
+<a name="id2609542"></a>Configuring BIND 9 for Linux with the AEP Keyper</h4></div></div></div>
 <p>To link with the PKCS #11 provider, threads must be
      enabled in the BIND 9 build.</p>
 <p>The PKCS #11 library for the AEP Keyper is currently
@@ -1627,7 +1627,7 @@ $ <strong class="userinput"><code>./configure CC="gcc -m32" --enable-threads \
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2635986"></a>Configuring BIND 9 for Solaris with the SCA 6000</h4></div></div></div>
+<a name="id2609574"></a>Configuring BIND 9 for Solaris with the SCA 6000</h4></div></div></div>
 <p>To link with the PKCS #11 provider, threads must be
      enabled in the BIND 9 build.</p>
 <pre class="screen">
@@ -1645,7 +1645,7 @@ $ <strong class="userinput"><code>./configure CC="cc -xarch=amd64" --enable-thre
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2636022"></a>Configuring BIND 9 for SoftHSM</h4></div></div></div>
+<a name="id2609610"></a>Configuring BIND 9 for SoftHSM</h4></div></div></div>
 <pre class="screen">
 $ <strong class="userinput"><code>cd ../bind9</code></strong>
 $ <strong class="userinput"><code>./configure --enable-threads \
@@ -1662,7 +1662,7 @@ $ <strong class="userinput"><code>./configure --enable-threads \
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2636138"></a>PKCS #11 Tools</h3></div></div></div>
+<a name="id2636146"></a>PKCS #11 Tools</h3></div></div></div>
 <p>BIND 9 includes a minimal set of tools to operate the
    HSM, including 
    <span><strong class="command">pkcs11-keygen</strong></span> to generate a new key pair
@@ -1680,7 +1680,7 @@ $ <strong class="userinput"><code>./configure --enable-threads \
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2636169"></a>Using the HSM</h3></div></div></div>
+<a name="id2636177"></a>Using the HSM</h3></div></div></div>
 <p>First, we must set up the runtime environment so the
    OpenSSL and PKCS #11 libraries can be loaded:</p>
 <pre class="screen">
@@ -1768,7 +1768,7 @@ example.net.signed
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2636368"></a>Specifying the engine on the command line</h3></div></div></div>
+<a name="id2636375"></a>Specifying the engine on the command line</h3></div></div></div>
 <p>The OpenSSL engine can be specified in 
    <span><strong class="command">named</strong></span> and all of the BIND 
    <span><strong class="command">dnssec-*</strong></span> tools by using the "-E
@@ -1789,7 +1789,7 @@ $ <strong class="userinput"><code>dnssec-signzone -E '' -S example.net</code></s
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2636413"></a>Running named with automatic zone re-signing</h3></div></div></div>
+<a name="id2636421"></a>Running named with automatic zone re-signing</h3></div></div></div>
 <p>If you want 
    <span><strong class="command">named</strong></span> to dynamically re-sign zones using HSM
    keys, and/or to to sign new records inserted via nsupdate, then
--- a/doc/arm/Bv9ARM.ch09.html
+++ b/doc/arm/Bv9ARM.ch09.html
@@ -57,13 +57,13 @@
 </dl></dd>
 <dt><span class="sect1"><a href="Bv9ARM.ch09.html#bind9.library">BIND 9 DNS Library Support</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2608630">Prerequisite</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2610958">Prerequisite</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2608640">Compilation</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2610968">Compilation</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2608664">Installation</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2610993">Installation</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2609719">Known Defects/Restrictions</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2609658">Known Defects/Restrictions</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2609796">The dns.conf File</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2609735">The dns.conf File</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2609822">Sample Applications</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2609762">Sample Applications</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2610727">Library References</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2610666">Library References</a></span></dt>
 </dl></dd>
 </dl>
 </div>
@@ -648,7 +648,7 @@
 </ul></div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2608630"></a>Prerequisite</h3></div></div></div>
+<a name="id2610958"></a>Prerequisite</h3></div></div></div>
 <p>GNU make is required to build the export libraries (other
  part of BIND 9 can still be built with other types of make). In
  the reminder of this document, "make" means GNU make. Note that
@@ -657,7 +657,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2608640"></a>Compilation</h3></div></div></div>
+<a name="id2610968"></a>Compilation</h3></div></div></div>
 <pre class="screen">
 $ <strong class="userinput"><code>./configure --enable-exportlib <em class="replaceable"><code>[other flags]</code></em></code></strong>
 $ <strong class="userinput"><code>make</code></strong>
@@ -672,7 +672,7 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2608664"></a>Installation</h3></div></div></div>
+<a name="id2610993"></a>Installation</h3></div></div></div>
 <pre class="screen">
 $ <strong class="userinput"><code>cd lib/export</code></strong>
 $ <strong class="userinput"><code>make install</code></strong>
@@ -694,7 +694,7 @@ $ <strong class="userinput"><code>make install</code></strong>
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2609719"></a>Known Defects/Restrictions</h3></div></div></div>
+<a name="id2609658"></a>Known Defects/Restrictions</h3></div></div></div>
 <div class="itemizedlist"><ul type="disc">
 <li><p>Currently, win32 is not supported for the export
      library. (Normal BIND 9 application can be built as
@@ -734,7 +734,7 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2609796"></a>The dns.conf File</h3></div></div></div>
+<a name="id2609735"></a>The dns.conf File</h3></div></div></div>
 <p>The IRS library supports an "advanced" configuration file
  related to the DNS library for configuration parameters that
  would be beyond the capability of the
@@ -752,14 +752,14 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2609822"></a>Sample Applications</h3></div></div></div>
+<a name="id2609762"></a>Sample Applications</h3></div></div></div>
 <p>Some sample application programs using this API are
  provided for reference. The following is a brief description of
  these applications.
  </p>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2609831"></a>sample: a simple stub resolver utility</h4></div></div></div>
+<a name="id2609770"></a>sample: a simple stub resolver utility</h4></div></div></div>
 <p>
  It sends a query of a given name (of a given optional RR type) to a
  specified recursive server, and prints the result as a list of
@@ -823,7 +823,7 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2609922"></a>sample-async: a simple stub resolver, working asynchronously</h4></div></div></div>
+<a name="id2609861"></a>sample-async: a simple stub resolver, working asynchronously</h4></div></div></div>
 <p>
  Similar to "sample", but accepts a list
  of (query) domain names as a separate file and resolves the names
@@ -864,7 +864,7 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2609975"></a>sample-request: a simple DNS transaction client</h4></div></div></div>
+<a name="id2609914"></a>sample-request: a simple DNS transaction client</h4></div></div></div>
 <p>
  It sends a query to a specified server, and
  prints the response with minimal processing. It doesn't act as a
@@ -905,7 +905,7 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2610039"></a>sample-gai: getaddrinfo() and getnameinfo() test code</h4></div></div></div>
+<a name="id2609978"></a>sample-gai: getaddrinfo() and getnameinfo() test code</h4></div></div></div>
 <p>
  This is a test program
  to check getaddrinfo() and getnameinfo() behavior. It takes a
@@ -922,7 +922,7 @@ $ <strong class="userinput"><code>make</code></strong>
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2610054"></a>sample-update: a simple dynamic update client program</h4></div></div></div>
+<a name="id2609993"></a>sample-update: a simple dynamic update client program</h4></div></div></div>
 <p>
  It accepts a single update command as a
  command-line argument, sends an update request message to the
@@ -1017,7 +1017,7 @@ $ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mm
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2610663"></a>nsprobe: domain/name server checker in terms of RFC 4074</h4></div></div></div>
+<a name="id2610602"></a>nsprobe: domain/name server checker in terms of RFC 4074</h4></div></div></div>
 <p>
  It checks a set
  of domains to see the name servers of the domains behave
@@ -1074,7 +1074,7 @@ $ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mm
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2610727"></a>Library References</h3></div></div></div>
+<a name="id2610666"></a>Library References</h3></div></div></div>
 <p>As of this writing, there is no formal "manual" of the
  libraries, except this document, header files (some of them
  provide pretty detailed explanations), and sample application
--- a/doc/arm/Bv9ARM.ch10.html
+++ b/doc/arm/Bv9ARM.ch10.html
@@ -73,6 +73,9 @@
 <span class="refentrytitle"><a href="man.dnssec-signzone.html"><span class="application">dnssec-signzone</span></a></span><span class="refpurpose"> &#8212; DNSSEC zone signing tool</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.dnssec-verify.html"><span class="application">dnssec-verify</span></a></span><span class="refpurpose"> &#8212; DNSSEC zone verification tool</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.named-checkconf.html"><span class="application">named-checkconf</span></a></span><span class="refpurpose"> &#8212; named configuration file syntax checking tool</span>
 </dt>
 <dt>
--- a/doc/arm/Bv9ARM.html
+++ b/doc/arm/Bv9ARM.html
@@ -113,33 +113,33 @@
 </dl></dd>
 <dt><span class="sect1"><a href="Bv9ARM.ch04.html#dnssec.dynamic.zones">DNSSEC, Dynamic Zones, and Automatic Signing</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608908">Converting from insecure to secure</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608916">Converting from insecure to secure</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608946">Dynamic DNS update method</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563556">Dynamic DNS update method</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563585">Fully automatic zone signing</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563592">Fully automatic zone signing</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563756">Private-type records</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563764">Private-type records</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563794">DNSKEY rollovers</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563801">DNSKEY rollovers</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563806">Dynamic DNS update method</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563814">Dynamic DNS update method</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563908">Automatic key rollovers</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563915">Automatic key rollovers</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563934">NSEC3PARAM rollovers via UPDATE</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563942">NSEC3PARAM rollovers via UPDATE</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563944">Converting from NSEC to NSEC3</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563952">Converting from NSEC to NSEC3</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2563954">Converting from NSEC3 to NSEC</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582666">Converting from NSEC3 to NSEC</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582672">Converting from secure to insecure</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582679">Converting from secure to insecure</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582709">Periodic re-signing</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582716">Periodic re-signing</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582718">NSEC3 and OPTOUT</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2582726">NSEC3 and OPTOUT</a></span></dt>
 </dl></dd>
 <dt><span class="sect1"><a href="Bv9ARM.ch04.html#rfc5011.support">Dynamic Trust Anchor Management</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608352">Validating Resolver</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608359">Validating Resolver</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608374">Authoritative Server</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608381">Authoritative Server</a></span></dt>
 </dl></dd>
 <dt><span class="sect1"><a href="Bv9ARM.ch04.html#pkcs11">PKCS #11 (Cryptoki) support</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2608546">Prerequisites</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2653336">Prerequisites</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2609594">Building BIND 9 with PKCS#11</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2609533">Building BIND 9 with PKCS#11</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636138">PKCS #11 Tools</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636146">PKCS #11 Tools</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636169">Using the HSM</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636177">Using the HSM</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636368">Specifying the engine on the command line</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636375">Specifying the engine on the command line</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636413">Running named with automatic zone re-signing</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2636421">Running named with automatic zone re-signing</a></span></dt>
 </dl></dd>
 <dt><span class="sect1"><a href="Bv9ARM.ch04.html#id2572696">IPv6 Support in <acronym class="acronym">BIND</acronym> 9</a></span></dt>
 <dd><dl>
@@ -245,13 +245,13 @@
 </dl></dd>
 <dt><span class="sect1"><a href="Bv9ARM.ch09.html#bind9.library">BIND 9 DNS Library Support</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2608630">Prerequisite</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2610958">Prerequisite</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2608640">Compilation</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2610968">Compilation</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2608664">Installation</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2610993">Installation</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2609719">Known Defects/Restrictions</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2609658">Known Defects/Restrictions</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2609796">The dns.conf File</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2609735">The dns.conf File</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2609822">Sample Applications</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2609762">Sample Applications</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2610727">Library References</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch09.html#id2610666">Library References</a></span></dt>
 </dl></dd>
 </dl></dd>
 <dt><span class="reference"><a href="Bv9ARM.ch10.html">I. Manual pages</a></span></dt>
@@ -281,6 +281,9 @@
 <span class="refentrytitle"><a href="man.dnssec-signzone.html"><span class="application">dnssec-signzone</span></a></span><span class="refpurpose"> &#8212; DNSSEC zone signing tool</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.dnssec-verify.html"><span class="application">dnssec-verify</span></a></span><span class="refpurpose"> &#8212; DNSSEC zone verification tool</span>
 </dt>
 <dt>
 <span class="refentrytitle"><a href="man.named-checkconf.html"><span class="application">named-checkconf</span></a></span><span class="refpurpose"> &#8212; named configuration file syntax checking tool</span>
 </dt>
 <dt>
--- a/doc/arm/man.arpaname.html
+++ b/doc/arm/man.arpaname.html
@@ -50,20 +50,20 @@
 <div class="cmdsynopsis"><p><code class="command">arpaname</code>  {<em class="replaceable"><code>ipaddress </code></em>...}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2615059"></a><h2>DESCRIPTION</h2>
+<a name="id2615498"></a><h2>DESCRIPTION</h2>
 <p>
      <span><strong class="command">arpaname</strong></span> translates IP addresses (IPv4 and
      IPv6) to the corresponding IN-ADDR.ARPA or IP6.ARPA names.
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2615074"></a><h2>SEE ALSO</h2>
+<a name="id2658521"></a><h2>SEE ALSO</h2>
 <p>
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2615088"></a><h2>AUTHOR</h2>
+<a name="id2658535"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.ddns-confgen.html
+++ b/doc/arm/man.ddns-confgen.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">ddns-confgen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em>  |   -z <em class="replaceable"><code>zone</code></em> ] [<code class="option">-q</code>] [name]</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2653992"></a><h2>DESCRIPTION</h2>
+<a name="id2656138"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">ddns-confgen</strong></span>
      generates a key for use by <span><strong class="command">nsupdate</strong></span>
      and <span><strong class="command">named</strong></span>.  It simplifies configuration
@@ -77,7 +77,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2654148"></a><h2>OPTIONS</h2>
+<a name="id2656226"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
 <dd><p>
@@ -144,7 +144,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2654417"></a><h2>SEE ALSO</h2>
+<a name="id2656699"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
      <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
@@ -152,7 +152,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2654455"></a><h2>AUTHOR</h2>
+<a name="id2656874"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.dig.html
+++ b/doc/arm/man.dig.html
@@ -52,7 +52,7 @@
 <div class="cmdsynopsis"><p><code class="command">dig</code>  [global-queryopt...] [query...]</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2611096"></a><h2>DESCRIPTION</h2>
+<a name="id2611104"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">dig</strong></span>
      (domain information groper) is a flexible tool
      for interrogating DNS name servers.  It performs DNS lookups and
@@ -98,7 +98,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2611191"></a><h2>SIMPLE USAGE</h2>
+<a name="id2611198"></a><h2>SIMPLE USAGE</h2>
 <p>
      A typical invocation of <span><strong class="command">dig</strong></span> looks like:
      </p>
@@ -144,7 +144,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2611438"></a><h2>OPTIONS</h2>
+<a name="id2611446"></a><h2>OPTIONS</h2>
 <p>
      The <code class="option">-b</code> option sets the source IP address of the query
      to <em class="parameter"><code>address</code></em>.  This must be a valid
@@ -248,7 +248,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2663664"></a><h2>QUERY OPTIONS</h2>
+<a name="id2663671"></a><h2>QUERY OPTIONS</h2>
 <p><span><strong class="command">dig</strong></span>
      provides a number of query options which affect
      the way in which lookups are made and the results displayed.  Some of
@@ -599,7 +599,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664734"></a><h2>MULTIPLE QUERIES</h2>
+<a name="id2664742"></a><h2>MULTIPLE QUERIES</h2>
 <p>
      The BIND 9 implementation of <span><strong class="command">dig </strong></span>
      supports
@@ -645,7 +645,7 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664888"></a><h2>IDN SUPPORT</h2>
+<a name="id2664896"></a><h2>IDN SUPPORT</h2>
 <p>
      If <span><strong class="command">dig</strong></span> has been built with IDN (internationalized
      domain name) support, it can accept and display non-ASCII domain names.
@@ -659,14 +659,14 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664917"></a><h2>FILES</h2>
+<a name="id2664924"></a><h2>FILES</h2>
 <p><code class="filename">/etc/resolv.conf</code>
    </p>
 <p><code class="filename">${HOME}/.digrc</code>
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664938"></a><h2>SEE ALSO</h2>
+<a name="id2664946"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">host</span>(1)</span>,
      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
@@ -674,7 +674,7 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2664976"></a><h2>BUGS</h2>
+<a name="id2664983"></a><h2>BUGS</h2>
 <p>
      There are probably too many query options.
    </p>
--- a/doc/arm/man.dnssec-dsfromkey.html
+++ b/doc/arm/man.dnssec-dsfromkey.html
@@ -51,14 +51,14 @@
 <div class="cmdsynopsis"><p><code class="command">dnssec-dsfromkey</code>  {-s} [<code class="option">-1</code>] [<code class="option">-2</code>] [<code class="option">-a <em class="replaceable"><code>alg</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-s</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-T <em class="replaceable"><code>TTL</code></em></code>] [<code class="option">-f <em class="replaceable"><code>file</code></em></code>] [<code class="option">-A</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] {dnsname}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2612638"></a><h2>DESCRIPTION</h2>
+<a name="id2612578"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">dnssec-dsfromkey</strong></span>
      outputs the Delegation Signer (DS) resource record (RR), as defined in
      RFC 3658 and RFC 4509, for the given key(s).
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2612652"></a><h2>OPTIONS</h2>
+<a name="id2612592"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-1</span></dt>
 <dd><p>
@@ -135,7 +135,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2613774"></a><h2>EXAMPLE</h2>
+<a name="id2614055"></a><h2>EXAMPLE</h2>
 <p>
      To build the SHA-256 DS RR from the
      <strong class="userinput"><code>Kexample.com.+003+26160</code></strong>
@@ -150,7 +150,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2613811"></a><h2>FILES</h2>
+<a name="id2614091"></a><h2>FILES</h2>
 <p>
      The keyfile can be designed by the key identification
      <code class="filename">Knnnn.+aaa+iiiii</code> or the full file name
@@ -164,13 +164,13 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2613852"></a><h2>CAVEAT</h2>
+<a name="id2614133"></a><h2>CAVEAT</h2>
 <p>
      A keyfile error can give a "file not found" even if the file exists.
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2613862"></a><h2>SEE ALSO</h2>
+<a name="id2614142"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@@ -180,7 +180,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2613901"></a><h2>AUTHOR</h2>
+<a name="id2614182"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.dnssec-keyfromlabel.html
+++ b/doc/arm/man.dnssec-keyfromlabel.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">dnssec-keyfromlabel</code>  {-l <em class="replaceable"><code>label</code></em>} [<code class="option">-3</code>] [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-G</code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-k</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-n <em class="replaceable"><code>nametype</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-y</code>] {name}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2614941"></a><h2>DESCRIPTION</h2>
+<a name="id2614949"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">dnssec-keyfromlabel</strong></span>
      gets keys with the given label from a crypto hardware and builds
      key files for DNSSEC (Secure DNS), as defined in RFC 2535
@@ -63,7 +63,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2615303"></a><h2>OPTIONS</h2>
+<a name="id2615242"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
 <dd>
@@ -192,7 +192,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2616996"></a><h2>TIMING OPTIONS</h2>
+<a name="id2617072"></a><h2>TIMING OPTIONS</h2>
 <p>
      Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
      If the argument begins with a '+' or '-', it is interpreted as
@@ -239,7 +239,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2668157"></a><h2>GENERATED KEY FILES</h2>
+<a name="id2668165"></a><h2>GENERATED KEY FILES</h2>
 <p>
      When <span><strong class="command">dnssec-keyfromlabel</strong></span> completes
      successfully,
@@ -278,7 +278,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2668251"></a><h2>SEE ALSO</h2>
+<a name="id2668259"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@@ -286,7 +286,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2668284"></a><h2>AUTHOR</h2>
+<a name="id2668292"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.dnssec-keygen.html
+++ b/doc/arm/man.dnssec-keygen.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">dnssec-keygen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-n <em class="replaceable"><code>nametype</code></em></code>] [<code class="option">-3</code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-C</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-G</code>] [<code class="option">-g <em class="replaceable"><code>generator</code></em></code>] [<code class="option">-h</code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-k</code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-q</code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-S <em class="replaceable"><code>key</code></em></code>] [<code class="option">-s <em class="replaceable"><code>strength</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-z</code>] {name}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2616187"></a><h2>DESCRIPTION</h2>
+<a name="id2616126"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">dnssec-keygen</strong></span>
      generates keys for DNSSEC (Secure DNS), as defined in RFC 2535
      and RFC 4034.  It can also generate keys for use with
@@ -64,7 +64,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2616208"></a><h2>OPTIONS</h2>
+<a name="id2616147"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
 <dd>
@@ -274,7 +274,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2669986"></a><h2>TIMING OPTIONS</h2>
+<a name="id2669993"></a><h2>TIMING OPTIONS</h2>
 <p>
      Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
      If the argument begins with a '+' or '-', it is interpreted as
@@ -345,7 +345,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2670244"></a><h2>GENERATED KEYS</h2>
+<a name="id2670320"></a><h2>GENERATED KEYS</h2>
 <p>
      When <span><strong class="command">dnssec-keygen</strong></span> completes
      successfully,
@@ -391,7 +391,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2670488"></a><h2>EXAMPLE</h2>
+<a name="id2670496"></a><h2>EXAMPLE</h2>
 <p>
      To generate a 768-bit DSA key for the domain
      <strong class="userinput"><code>example.com</code></strong>, the following command would be
@@ -412,7 +412,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2670545"></a><h2>SEE ALSO</h2>
+<a name="id2670552"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
      <em class="citetitle">RFC 2539</em>,
@@ -421,7 +421,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2670576"></a><h2>AUTHOR</h2>
+<a name="id2670583"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.dnssec-revoke.html
+++ b/doc/arm/man.dnssec-revoke.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">dnssec-revoke</code>  [<code class="option">-hr</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f</code>] [<code class="option">-R</code>] {keyfile}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2617367"></a><h2>DESCRIPTION</h2>
+<a name="id2616487"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">dnssec-revoke</strong></span>
      reads a DNSSEC key file, sets the REVOKED bit on the key as defined
      in RFC 5011, and creates a new pair of key files containing the
@@ -58,7 +58,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2617381"></a><h2>OPTIONS</h2>
+<a name="id2616501"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-h</span></dt>
 <dd><p>
@@ -96,14 +96,14 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2617501"></a><h2>SEE ALSO</h2>
+<a name="id2616621"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
      <em class="citetitle">RFC 5011</em>.
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2617526"></a><h2>AUTHOR</h2>
+<a name="id2616646"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.dnssec-settime.html
+++ b/doc/arm/man.dnssec-settime.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">dnssec-settime</code>  [<code class="option">-f</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-h</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] {keyfile}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2617626"></a><h2>DESCRIPTION</h2>
+<a name="id2617497"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">dnssec-settime</strong></span>
      reads a DNSSEC private key file and sets the key timing metadata
      as specified by the <code class="option">-P</code>, <code class="option">-A</code>,
@@ -76,7 +76,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2617685"></a><h2>OPTIONS</h2>
+<a name="id2617556"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-f</span></dt>
 <dd><p>
@@ -118,7 +118,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2618011"></a><h2>TIMING OPTIONS</h2>
+<a name="id2617814"></a><h2>TIMING OPTIONS</h2>
 <p>
      Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
      If the argument begins with a '+' or '-', it is interpreted as
@@ -197,7 +197,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2618150"></a><h2>PRINTING OPTIONS</h2>
+<a name="id2617953"></a><h2>PRINTING OPTIONS</h2>
 <p>
      <span><strong class="command">dnssec-settime</strong></span> can also be used to print the
      timing metadata associated with a key.
@@ -223,7 +223,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2618571"></a><h2>SEE ALSO</h2>
+<a name="id2618306"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@@ -231,7 +231,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2618604"></a><h2>AUTHOR</h2>
+<a name="id2618339"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.dnssec-signzone.html
+++ b/doc/arm/man.dnssec-signzone.html
@@ -23,7 +23,7 @@
 <link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
 <link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
 <link rel="prev" href="man.dnssec-settime.html" title="dnssec-settime">
-<link rel="next" href="man.named-checkconf.html" title="named-checkconf">
+<link rel="next" href="man.dnssec-verify.html" title="dnssec-verify">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
 <div class="navheader">
@@ -33,7 +33,7 @@
 <td width="20%" align="left">
 <a accesskey="p" href="man.dnssec-settime.html">Prev</a><EFBFBD></td>
 <th width="60%" align="center">Manual pages</th>
-<td width="20%" align="right"><EFBFBD><a accesskey="n" href="man.named-checkconf.html">Next</a>
+<td width="20%" align="right"><EFBFBD><a accesskey="n" href="man.dnssec-verify.html">Next</a>
 </td>
 </tr>
 </table>
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">dnssec-signzone</code>  [<code class="option">-a</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-d <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-e <em class="replaceable"><code>end-time</code></em></code>] [<code class="option">-f <em class="replaceable"><code>output-file</code></em></code>] [<code class="option">-g</code>] [<code class="option">-h</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key</code></em></code>] [<code class="option">-L <em class="replaceable"><code>serial</code></em></code>] [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-I <em class="replaceable"><code>input-format</code></em></code>] [<code class="option">-j <em class="replaceable"><code>jitter</code></em></code>] [<code class="option">-N <em class="replaceable"><code>soa-serial-format</code></em></code>] [<code class="option">-o <em class="replaceable"><code>origin</code></em></code>] [<code class="option">-O <em class="replaceable"><code>output-format</code></em></code>] [<code class="option">-P</code>] [<code class="option">-p</code>] [<code class="option">-R</code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-S</code>] [<code class="option">-s <em class="replaceable"><code>start-time</code></em></code>] [<code class="option">-T <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-t</code>] [<code class="option">-u</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-X <em class="replaceable"><code>extended end-time</code></em></code>] [<code class="option">-x</code>] [<code class="option">-z</code>] [<code class="option">-3 <em class="replaceable"><code>salt</code></em></code>] [<code class="option">-H <em class="replaceable"><code>iterations</code></em></code>] [<code class="option">-A</code>] {zonefile} [key...]</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2619894"></a><h2>DESCRIPTION</h2>
+<a name="id2619901"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">dnssec-signzone</strong></span>
      signs a zone.  It generates
      NSEC and RRSIG records and produces a signed version of the
@@ -61,7 +61,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2619913"></a><h2>OPTIONS</h2>
+<a name="id2619921"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-a</span></dt>
 <dd><p>
@@ -466,7 +466,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2673513"></a><h2>EXAMPLE</h2>
+<a name="id2673521"></a><h2>EXAMPLE</h2>
 <p>
      The following command signs the <strong class="userinput"><code>example.com</code></strong>
      zone with the DSA key generated by <span><strong class="command">dnssec-keygen</strong></span>
@@ -496,14 +496,14 @@ db.example.com.signed
 %</pre>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2673592"></a><h2>SEE ALSO</h2>
+<a name="id2673600"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
      <em class="citetitle">RFC 4033</em>.
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2673617"></a><h2>AUTHOR</h2>
+<a name="id2673624"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
@@ -515,14 +515,14 @@ db.example.com.signed
 <td width="40%" align="left">
 <a accesskey="p" href="man.dnssec-settime.html">Prev</a><EFBFBD></td>
 <td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
-<td width="40%" align="right"><EFBFBD><a accesskey="n" href="man.named-checkconf.html">Next</a>
+<td width="40%" align="right"><EFBFBD><a accesskey="n" href="man.dnssec-verify.html">Next</a>
 </td>
 </tr>
 <tr>
 <td width="40%" align="left" valign="top">
 <span class="application">dnssec-settime</span><EFBFBD></td>
 <td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
-<td width="40%" align="right" valign="top"><EFBFBD><span class="application">named-checkconf</span>
+<td width="40%" align="right" valign="top"><EFBFBD><span class="application">dnssec-verify</span>
 </td>
 </tr>
 </table>
--- a/doc/arm/man.genrandom.html
+++ b/doc/arm/man.genrandom.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">genrandom</code>  [<code class="option">-n <em class="replaceable"><code>number</code></em></code>] {<em class="replaceable"><code>size</code></em>} {<em class="replaceable"><code>filename</code></em>}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2655666"></a><h2>DESCRIPTION</h2>
+<a name="id2615623"></a><h2>DESCRIPTION</h2>
 <p>
      <span><strong class="command">genrandom</strong></span>
      generates a file or a set of files containing a specified quantity
@@ -59,7 +59,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2655681"></a><h2>ARGUMENTS</h2>
+<a name="id2658578"></a><h2>ARGUMENTS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-n <em class="replaceable"><code>number</code></em></span></dt>
 <dd><p>
@@ -77,14 +77,14 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2655741"></a><h2>SEE ALSO</h2>
+<a name="id2658638"></a><h2>SEE ALSO</h2>
 <p>
      <span class="citerefentry"><span class="refentrytitle">rand</span>(3)</span>,
      <span class="citerefentry"><span class="refentrytitle">arc4random</span>(3)</span>
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2655768"></a><h2>AUTHOR</h2>
+<a name="id2658665"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.host.html
+++ b/doc/arm/man.host.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">host</code>  [<code class="option">-aCdlnrsTwv</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-N <em class="replaceable"><code>ndots</code></em></code>] [<code class="option">-R <em class="replaceable"><code>number</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-W <em class="replaceable"><code>wait</code></em></code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-4</code>] [<code class="option">-6</code>] {name} [server]</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2611842"></a><h2>DESCRIPTION</h2>
+<a name="id2611849"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">host</strong></span>
      is a simple utility for performing DNS lookups.
      It is normally used to convert names to IP addresses and vice versa.
@@ -202,7 +202,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2612288"></a><h2>IDN SUPPORT</h2>
+<a name="id2612295"></a><h2>IDN SUPPORT</h2>
 <p>
      If <span><strong class="command">host</strong></span> has been built with IDN (internationalized
      domain name) support, it can accept and display non-ASCII domain names. 
@@ -216,12 +216,12 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2612316"></a><h2>FILES</h2>
+<a name="id2612324"></a><h2>FILES</h2>
 <p><code class="filename">/etc/resolv.conf</code>
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2612330"></a><h2>SEE ALSO</h2>
+<a name="id2612338"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">dig</span>(1)</span>,
      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>.
    </p>
--- a/doc/arm/man.isc-hmac-fixup.html
+++ b/doc/arm/man.isc-hmac-fixup.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">isc-hmac-fixup</code>  {<em class="replaceable"><code>algorithm</code></em>} {<em class="replaceable"><code>secret</code></em>}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2655883"></a><h2>DESCRIPTION</h2>
+<a name="id2616796"></a><h2>DESCRIPTION</h2>
 <p>
      Versions of BIND 9 up to and including BIND 9.6 had a bug causing
      HMAC-SHA* TSIG keys which were longer than the digest length of the
@@ -76,7 +76,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2655911"></a><h2>SECURITY CONSIDERATIONS</h2>
+<a name="id2659354"></a><h2>SECURITY CONSIDERATIONS</h2>
 <p>
      Secrets that have been converted by <span><strong class="command">isc-hmac-fixup</strong></span>
      are shortened, but as this is how the HMAC protocol works in
@@ -87,14 +87,14 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2655927"></a><h2>SEE ALSO</h2>
+<a name="id2659370"></a><h2>SEE ALSO</h2>
 <p>
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
      <em class="citetitle">RFC 2104</em>.
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2655944"></a><h2>AUTHOR</h2>
+<a name="id2659387"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.named-checkconf.html
+++ b/doc/arm/man.named-checkconf.html
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 <link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
 <link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
-<link rel="prev" href="man.dnssec-signzone.html" title="dnssec-signzone">
+<link rel="prev" href="man.dnssec-verify.html" title="dnssec-verify">
 <link rel="next" href="man.named-checkzone.html" title="named-checkzone">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
@@ -31,7 +31,7 @@
 <tr><th colspan="3" align="center"><span class="application">named-checkconf</span></th></tr>
 <tr>
 <td width="20%" align="left">
-<a accesskey="p" href="man.dnssec-signzone.html">Prev</a><EFBFBD></td>
+<a accesskey="p" href="man.dnssec-verify.html">Prev</a><EFBFBD></td>
 <th width="60%" align="center">Manual pages</th>
 <td width="20%" align="right"><EFBFBD><a accesskey="n" href="man.named-checkzone.html">Next</a>
 </td>
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">named-checkconf</code>  [<code class="option">-h</code>] [<code class="option">-v</code>] [<code class="option">-j</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] {filename} [<code class="option">-p</code>] [<code class="option">-z</code>]</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2621461"></a><h2>DESCRIPTION</h2>
+<a name="id2633437"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">named-checkconf</strong></span>
      checks the syntax, but not the semantics, of a
      <span><strong class="command">named</strong></span> configuration file.  The file is parsed
@@ -70,7 +70,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2621531"></a><h2>OPTIONS</h2>
+<a name="id2633508"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-h</span></dt>
 <dd><p>
@@ -109,21 +109,21 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2627741"></a><h2>RETURN VALUES</h2>
+<a name="id2633779"></a><h2>RETURN VALUES</h2>
 <p><span><strong class="command">named-checkconf</strong></span>
      returns an exit status of 1 if
      errors were detected and 0 otherwise.
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2627755"></a><h2>SEE ALSO</h2>
+<a name="id2633793"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">named-checkzone</span>(8)</span>,
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2627785"></a><h2>AUTHOR</h2>
+<a name="id2633822"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
@@ -133,14 +133,14 @@
 <table width="100%" summary="Navigation footer">
 <tr>
 <td width="40%" align="left">
-<a accesskey="p" href="man.dnssec-signzone.html">Prev</a><EFBFBD></td>
+<a accesskey="p" href="man.dnssec-verify.html">Prev</a><EFBFBD></td>
 <td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
 <td width="40%" align="right"><EFBFBD><a accesskey="n" href="man.named-checkzone.html">Next</a>
 </td>
 </tr>
 <tr>
 <td width="40%" align="left" valign="top">
-<span class="application">dnssec-signzone</span><EFBFBD></td>
+<span class="application">dnssec-verify</span><EFBFBD></td>
 <td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
 <td width="40%" align="right" valign="top"><EFBFBD><span class="application">named-checkzone</span>
 </td>
--- a/doc/arm/man.named-checkzone.html
+++ b/doc/arm/man.named-checkzone.html
@@ -51,7 +51,7 @@
 <div class="cmdsynopsis"><p><code class="command">named-compilezone</code>  [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-C <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-L <em class="replaceable"><code>serial</code></em></code>] [<code class="option">-r <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {<code class="option">-o <em class="replaceable"><code>filename</code></em></code>} {zonename} {filename}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2637186"></a><h2>DESCRIPTION</h2>
+<a name="id2639537"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">named-checkzone</strong></span>
      checks the syntax and integrity of a zone file.  It performs the
      same checks as <span><strong class="command">named</strong></span> does when loading a
@@ -71,7 +71,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2675738"></a><h2>OPTIONS</h2>
+<a name="id2639587"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-d</span></dt>
 <dd><p>
@@ -283,14 +283,14 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2676630"></a><h2>RETURN VALUES</h2>
+<a name="id2677206"></a><h2>RETURN VALUES</h2>
 <p><span><strong class="command">named-checkzone</strong></span>
      returns an exit status of 1 if
      errors were detected and 0 otherwise.
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2676644"></a><h2>SEE ALSO</h2>
+<a name="id2677220"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>,
      <em class="citetitle">RFC 1035</em>,
@@ -298,7 +298,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2676677"></a><h2>AUTHOR</h2>
+<a name="id2677253"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.named-journalprint.html
+++ b/doc/arm/man.named-journalprint.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">named-journalprint</code>  {<em class="replaceable"><code>journal</code></em>}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2614053"></a><h2>DESCRIPTION</h2>
+<a name="id2614219"></a><h2>DESCRIPTION</h2>
 <p>
      <span><strong class="command">named-journalprint</strong></span>
      prints the contents of a zone journal file in a human-readable
@@ -76,7 +76,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2639767"></a><h2>SEE ALSO</h2>
+<a name="id2614265"></a><h2>SEE ALSO</h2>
 <p>
      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">nsupdate</span>(8)</span>,
@@ -84,7 +84,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2639798"></a><h2>AUTHOR</h2>
+<a name="id2640715"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.named.html
+++ b/doc/arm/man.named.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">named</code>  [<code class="option">-4</code>] [<code class="option">-6</code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>debug-level</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine-name</code></em></code>] [<code class="option">-f</code>] [<code class="option">-g</code>] [<code class="option">-m <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-n <em class="replaceable"><code>#cpus</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-s</code>] [<code class="option">-S <em class="replaceable"><code>#max-socks</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-U <em class="replaceable"><code>#listeners</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>] [<code class="option">-v</code>] [<code class="option">-V</code>] [<code class="option">-x <em class="replaceable"><code>cache-file</code></em></code>]</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2637859"></a><h2>DESCRIPTION</h2>
+<a name="id2639868"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">named</strong></span>
      is a Domain Name System (DNS) server,
      part of the BIND 9 distribution from ISC.  For more
@@ -65,7 +65,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2637890"></a><h2>OPTIONS</h2>
+<a name="id2639899"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-4</span></dt>
 <dd><p>
@@ -255,7 +255,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2661480"></a><h2>SIGNALS</h2>
+<a name="id2642327"></a><h2>SIGNALS</h2>
 <p>
      In routine operation, signals should not be used to control
      the nameserver; <span><strong class="command">rndc</strong></span> should be used
@@ -276,7 +276,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2661530"></a><h2>CONFIGURATION</h2>
+<a name="id2642377"></a><h2>CONFIGURATION</h2>
 <p>
      The <span><strong class="command">named</strong></span> configuration file is too complex
      to describe in detail here.  A complete description is provided
@@ -293,7 +293,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2661579"></a><h2>FILES</h2>
+<a name="id2677379"></a><h2>FILES</h2>
 <div class="variablelist"><dl>
 <dt><span class="term"><code class="filename">/etc/named.conf</code></span></dt>
 <dd><p>
@@ -306,7 +306,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2676846"></a><h2>SEE ALSO</h2>
+<a name="id2677422"></a><h2>SEE ALSO</h2>
 <p><em class="citetitle">RFC 1033</em>,
      <em class="citetitle">RFC 1034</em>,
      <em class="citetitle">RFC 1035</em>,
@@ -319,7 +319,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2676985"></a><h2>AUTHOR</h2>
+<a name="id2677493"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.nsec3hash.html
+++ b/doc/arm/man.nsec3hash.html
@@ -48,7 +48,7 @@
 <div class="cmdsynopsis"><p><code class="command">nsec3hash</code>  {<em class="replaceable"><code>salt</code></em>} {<em class="replaceable"><code>algorithm</code></em>} {<em class="replaceable"><code>iterations</code></em>} {<em class="replaceable"><code>domain</code></em>}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2655992"></a><h2>DESCRIPTION</h2>
+<a name="id2659708"></a><h2>DESCRIPTION</h2>
 <p>
      <span><strong class="command">nsec3hash</strong></span> generates an NSEC3 hash based on
      a set of NSEC3 parameters.  This can be used to check the validity
@@ -56,7 +56,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2656007"></a><h2>ARGUMENTS</h2>
+<a name="id2659723"></a><h2>ARGUMENTS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">salt</span></dt>
 <dd><p>
@@ -80,14 +80,14 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2656069"></a><h2>SEE ALSO</h2>
+<a name="id2659785"></a><h2>SEE ALSO</h2>
 <p>
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
      <em class="citetitle">RFC 5155</em>.
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2656086"></a><h2>AUTHOR</h2>
+<a name="id2659802"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.nsupdate.html
+++ b/doc/arm/man.nsupdate.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">nsupdate</code>  [<code class="option">-d</code>] [<code class="option">-D</code>] [[<code class="option">-g</code>] |  [<code class="option">-o</code>] |  [<code class="option">-l</code>] |  [<code class="option">-y <em class="replaceable"><code>[<span class="optional">hmac:</span>]keyname:secret</code></em></code>] |  [<code class="option">-k <em class="replaceable"><code>keyfile</code></em></code>]] [<code class="option">-t <em class="replaceable"><code>timeout</code></em></code>] [<code class="option">-u <em class="replaceable"><code>udptimeout</code></em></code>] [<code class="option">-r <em class="replaceable"><code>udpretries</code></em></code>] [<code class="option">-R <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-v</code>] [<code class="option">-T</code>] [<code class="option">-P</code>] [filename]</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2640467"></a><h2>DESCRIPTION</h2>
+<a name="id2640974"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">nsupdate</strong></span>
      is used to submit Dynamic DNS Update requests as defined in RFC 2136
      to a name server.
@@ -226,7 +226,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2677289"></a><h2>INPUT FORMAT</h2>
+<a name="id2677729"></a><h2>INPUT FORMAT</h2>
 <p><span><strong class="command">nsupdate</strong></span>
      reads input from
      <em class="parameter"><code>filename</code></em>
@@ -514,7 +514,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2678286"></a><h2>EXAMPLES</h2>
+<a name="id2678862"></a><h2>EXAMPLES</h2>
 <p>
      The examples below show how
      <span><strong class="command">nsupdate</strong></span>
@@ -568,7 +568,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2678405"></a><h2>FILES</h2>
+<a name="id2678913"></a><h2>FILES</h2>
 <div class="variablelist"><dl>
 <dt><span class="term"><code class="constant">/etc/resolv.conf</code></span></dt>
 <dd><p>
@@ -591,7 +591,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2678488"></a><h2>SEE ALSO</h2>
+<a name="id2679132"></a><h2>SEE ALSO</h2>
 <p>
      <em class="citetitle">RFC 2136</em>,
      <em class="citetitle">RFC 3007</em>,
@@ -606,7 +606,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2678546"></a><h2>BUGS</h2>
+<a name="id2679190"></a><h2>BUGS</h2>
 <p>
      The TSIG key is redundantly stored in two separate files.
      This is a consequence of nsupdate using the DST library
--- a/doc/arm/man.rndc-confgen.html
+++ b/doc/arm/man.rndc-confgen.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">rndc-confgen</code>  [<code class="option">-a</code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-c <em class="replaceable"><code>keyfile</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [<code class="option">-s <em class="replaceable"><code>address</code></em></code>] [<code class="option">-t <em class="replaceable"><code>chrootdir</code></em></code>] [<code class="option">-u <em class="replaceable"><code>user</code></em></code>]</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2647731"></a><h2>DESCRIPTION</h2>
+<a name="id2646190"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">rndc-confgen</strong></span>
      generates configuration files
      for <span><strong class="command">rndc</strong></span>.  It can be used as a
@@ -66,7 +66,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2647797"></a><h2>OPTIONS</h2>
+<a name="id2646257"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-a</span></dt>
 <dd>
@@ -173,7 +173,7 @@
 </dl></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2653030"></a><h2>EXAMPLES</h2>
+<a name="id2655859"></a><h2>EXAMPLES</h2>
 <p>
      To allow <span><strong class="command">rndc</strong></span> to be used with
      no manual configuration, run
@@ -190,7 +190,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2653086"></a><h2>SEE ALSO</h2>
+<a name="id2657144"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
@@ -198,7 +198,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2654763"></a><h2>AUTHOR</h2>
+<a name="id2657182"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.rndc.conf.html
+++ b/doc/arm/man.rndc.conf.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">rndc.conf</code> </p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2642533"></a><h2>DESCRIPTION</h2>
+<a name="id2614573"></a><h2>DESCRIPTION</h2>
 <p><code class="filename">rndc.conf</code> is the configuration file
      for <span><strong class="command">rndc</strong></span>, the BIND 9 name server control
      utility.  This file has a similar structure and syntax to
@@ -135,7 +135,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2642705"></a><h2>EXAMPLE</h2>
+<a name="id2642803"></a><h2>EXAMPLE</h2>
 <pre class="programlisting">
      options {
        default-server  localhost;
@@ -209,7 +209,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2643031"></a><h2>NAME SERVER CONFIGURATION</h2>
+<a name="id2643812"></a><h2>NAME SERVER CONFIGURATION</h2>
 <p>
      The name server must be configured to accept rndc connections and
      to recognize the key specified in the <code class="filename">rndc.conf</code>
@@ -219,7 +219,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2643057"></a><h2>SEE ALSO</h2>
+<a name="id2643837"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">rndc</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">rndc-confgen</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">mmencode</span>(1)</span>,
@@ -227,7 +227,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2644187"></a><h2>AUTHOR</h2>
+<a name="id2643876"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>
--- a/doc/arm/man.rndc.html
+++ b/doc/arm/man.rndc.html
@@ -50,7 +50,7 @@
 <div class="cmdsynopsis"><p><code class="command">rndc</code>  [<code class="option">-b <em class="replaceable"><code>source-address</code></em></code>] [<code class="option">-c <em class="replaceable"><code>config-file</code></em></code>] [<code class="option">-k <em class="replaceable"><code>key-file</code></em></code>] [<code class="option">-s <em class="replaceable"><code>server</code></em></code>] [<code class="option">-p <em class="replaceable"><code>port</code></em></code>] [<code class="option">-V</code>] [<code class="option">-y <em class="replaceable"><code>key_id</code></em></code>] {command}</p></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2641888"></a><h2>DESCRIPTION</h2>
+<a name="id2641713"></a><h2>DESCRIPTION</h2>
 <p><span><strong class="command">rndc</strong></span>
      controls the operation of a name
      server.  It supersedes the <span><strong class="command">ndc</strong></span> utility
@@ -79,7 +79,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2641938"></a><h2>OPTIONS</h2>
+<a name="id2641763"></a><h2>OPTIONS</h2>
 <div class="variablelist"><dl>
 <dt><span class="term">-b <em class="replaceable"><code>source-address</code></em></span></dt>
 <dd><p>
@@ -151,7 +151,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2642299"></a><h2>LIMITATIONS</h2>
+<a name="id2642534"></a><h2>LIMITATIONS</h2>
 <p><span><strong class="command">rndc</strong></span>
      does not yet support all the commands of
      the BIND 8 <span><strong class="command">ndc</strong></span> utility.
@@ -165,7 +165,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2642330"></a><h2>SEE ALSO</h2>
+<a name="id2642565"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">rndc.conf</span>(5)</span>,
      <span class="citerefentry"><span class="refentrytitle">rndc-confgen</span>(8)</span>,
      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
@@ -175,7 +175,7 @@
    </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2642386"></a><h2>AUTHOR</h2>
+<a name="id2642620"></a><h2>AUTHOR</h2>
 <p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
 </div>