Deprecation notice for BIND 9.18: (root-)delegation-only option

[Matus UHLAR - fantomas]

On 22.03.23 17:36, Ondřej Surý wrote:
>in line with our deprecation policy, I am notifying the mailing list about our intent
>to deprecated the delegation-only and root-delegation-only options.  This is again
>adept for expedited deprecation - it will be removed in BIND 9.20 and deprecated
>in BIND 9.18.

what's the reason? Code cleanliness?
Or is it problematic to maintain?

>The (root-)delegation-options were introduced as a countermeasure for the infamous
>Site Finder by Verisign[1]. With the controversy around this and introduction of DNSSEC,
>the likelihood of this happening is infinitesimal.
>
>If you don't even know what those options does, the TL;DR is that it disables
>the non-delegation records for configured domains (TLD), this in turns might
>break legitimate TLDs like .de, .fr, .museum and others [2][3].
>
>If you know a legitimate reason to keep those options, please describe the use case
>here or in the issue mention below.

well, if "just for sure no other AH tries that again" is not a reason for 
you...

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Honk if you love peace and quiet.