Merge branch '1943-remove-references-to-blacklist-and-whitelist-in-bind-arm' into 'master'

Resolve "Remove references to "blacklist" and "whitelist" in BIND ARM" Closes #1943 See merge request !3693

Merge branch '1943-remove-references-to-blacklist-and-whitelist-in-bind-arm' into 'master'
Resolve "Remove references to "blacklist" and "whitelist" in BIND ARM" Closes #1943 See merge request !3693
2473e3b2 · Ondřej Surý · 3210a427 · 4a04fb68 · 2473e3b2 · 2473e3b2
Commit 2473e3b2 authored Jun 16, 2020 by Ondřej Surý
--- a/doc/arm/logging-categories.rst
+++ b/doc/arm/logging-categories.rst
@@ -96,7 +96,7 @@
    Information about errors in response policy zone files, rewritten responses, and, at the highest ``debug`` levels, mere rewriting attempts.

 ``rpz-passthru``
-    Information about RPZ PASSTHRU policy activity. This category allows whitelist policy activity to be logged into a dedicated channel.
+    Information about RPZ PASSTHRU policy activity. This category allows pre-approved policy activity to be logged into a dedicated channel.

 ``security``
    Approval and denial of requests.

--- a/doc/arm/reference.rst
+++ b/doc/arm/reference.rst
@@ -3779,7 +3779,7 @@ Response Policy Zone (RPZ) Rewriting
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

 BIND 9 includes a limited mechanism to modify DNS responses for requests
-analogous to email anti-spam DNS blacklists. Responses can be changed to
+analogous to email anti-spam DNS rejection lists. Responses can be changed to
 deny the existence of domains (NXDOMAIN), deny the existence of IP
 addresses for domains (NODATA), or contain other IP addresses or data.

@@ -3910,12 +3910,12 @@ be used with any type of trigger to force the use of TCP for responses
 with owner names in a zone.

 ``PASSTHRU``
-   The whitelist policy is specified by a CNAME whose target is
+   The policy is specified by a CNAME whose target is
   ``rpz-passthru``. It causes the response to not be rewritten and is
   most often used to "poke holes" in policies for CIDR blocks.

 ``DROP``
-   The blacklist policy is specified by a CNAME whose target is
+   The policy is specified by a CNAME whose target is
   ``rpz-drop``. It causes the response to be discarded. Nothing is sent
   to the DNS client.

@@ -4076,7 +4076,7 @@ with this zone file:
   ns.domain.com.rpz-nsdname   CNAME   .
   48.zz.2.2001.rpz-nsip       CNAME   .

-   ; blacklist and whitelist some DNS clients
+   ; disapprove and approve some DNS clients
   112.zz.2001.rpz-client-ip    CNAME   rpz-drop.
   8.0.0.0.127.rpz-client-ip    CNAME   rpz-drop.

@@ -4165,7 +4165,7 @@ identical regardless of query type. They are limited by
 ``nxdomains-per-second`` (default ``responses-per-second``). This
 controls some attacks using random names, but can be relaxed or turned
 off (set to 0) on servers that expect many legitimate NXDOMAIN
-responses, such as from anti-spam blacklists. Referrals or delegations
+responses, such as from anti-spam rejection lists. Referrals or delegations
 to the server of a given domain are identical and are limited by
 ``referrals-per-second`` (default ``responses-per-second``).