Deprecate 'dnssec-must-be-secure' option (!8267) · Merge requests · ISC Open Source Projects / BIND

The dnssec-must-be-secure feature was added in the early days of BIND 9 and DNSSEC and it makes sense only as a debugging feature.

Remove the feature to simplify the code.

Edited Dec 07, 2023 by Michał Kępień

Deprecate 'dnssec-must-be-secure' option