3760. [bug] Improve SIT with native PKCS#11 and on Windows.
[RT #35433]
3759. [port] Enable delve on Windows. [RT #35441]
3758. [port] Enable export library APIs on windows. [RT #35382]
3751. [tuning] The default setting for the -U option (setting
the number of UDP listeners per interface) has
been adjusted to improve performance. [RT #35417]
in draft-andrews-dnsext-expire-00. Retrivial of
remaining time to expiry from slave zones is supported.
EXPIRE uses an experimental option code (65002) and
is subject to change. [RT #35416]
3749. [func] "dig +subnet" sends an EDNS client subnet option
containing the specified address/prefix when
querying. (Thanks to Wilmer van der Gaast.)
[RT #35415]
3746. [func] New "max-zone-ttl" option enforces maximum
TTLs for zones. If loading a zone containing a
higher TTL, the load fails. DDNS updates with
higher TTLs are accepted but the TTL is truncated.
(Note: Currently supported for master zones only;
inline-signing slaves will be added.) [RT #38405]
3745. [func] "configure --with-tuning=large" adjusts various
compiled-in constants and default settings to
values suited to large servers with abundant
memory. [RT #29538]
(which are similar to DNS Cookies by Donald Eastlake)
and are designed to help clients detect off path
spoofed responses and for servers to detect legitimate
clients.
SIT use a experimental EDNS option code (65001).
SIT can be enabled via --enable-developer or
--enable-sit. It is on by default in Windows.
RRL processing as been updated to know about SIT with
legitimate clients not being rate limited. [RT #35389]
