--- bind-9.3.6-P1-options.txt	Mon May  4 17:45:57 2009
+++ bind-9.6.1b1-options.txt	Mon May  4 17:46:04 2009
@@ -8,9 +8,14 @@
         inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | *
             ) ] allow { <address_match_element>; ... } [ keys { <string>;
             ... } ];
-        unix <unsupported>; // not implemented
+        unix <quoted_string> perm <integer> owner <integer> group <integer>
+            [ keys { <string>; ... } ];
 };
 
+dlz <string> {
+        database <string>;
+};
+
 key <string> {
         algorithm <string>;
         secret <string>;
@@ -43,12 +48,19 @@
     <integer> ] | <ipv6_address> [ port <integer> ] ) [ key <string> ]; ... };
 
 options {
+        acache-cleaning-interval <integer>;
+        acache-enable <boolean>;
         additional-from-auth <boolean>;
         additional-from-cache <boolean>;
         allow-notify { <address_match_element>; ... };
         allow-query { <address_match_element>; ... };
+        allow-query-cache { <address_match_element>; ... };
+        allow-query-cache-on { <address_match_element>; ... };
+        allow-query-on { <address_match_element>; ... };
         allow-recursion { <address_match_element>; ... };
+        allow-recursion-on { <address_match_element>; ... };
         allow-transfer { <address_match_element>; ... };
+        allow-update { <address_match_element>; ... };
         allow-update-forwarding { <address_match_element>; ... };
         allow-v6-synthesis { <address_match_element>; ... }; // obsolete
         also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
@@ -61,8 +73,15 @@
         avoid-v6-udp-ports { <portrange>; ... };
         blackhole { <address_match_element>; ... };
         cache-file <quoted_string>;
+        check-integrity <boolean>;
+        check-mx ( fail | warn | ignore );
+        check-mx-cname ( fail | warn | ignore );
         check-names ( master | slave | response ) ( fail | warn | ignore );
+        check-sibling <boolean>;
+        check-srv-cname ( fail | warn | ignore );
+        check-wildcard <boolean>;
         cleaning-interval <integer>;
+        clients-per-query <integer>;
         coresize <size>;
         datasize <size>;
         deallocate-on-exit <boolean>; // obsolete
@@ -69,14 +88,20 @@
         dialup <dialuptype>;
         directory <quoted_string>;
         disable-algorithms <string> { <string>; ... };
+        disable-empty-zone <string>;
+        dnssec-accept-expired <boolean>;
         dnssec-enable <boolean>;
         dnssec-lookaside <string> trust-anchor <string>;
         dnssec-must-be-secure <string> <boolean>;
+        dnssec-validation <boolean>;
         dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port
             <integer> ] | <ipv4_address> [ port <integer> ] |
             <ipv6_address> [ port <integer> ] ); ... };
         dump-file <quoted_string>;
         edns-udp-size <integer>;
+        empty-contact <string>;
+        empty-server <string>;
+        empty-zones-enable <boolean>;
         fake-iquery <boolean>; // obsolete
         fetch-glue <boolean>; // obsolete
         files <size>;
@@ -90,15 +115,18 @@
         host-statistics-max <integer>; // not implemented
         hostname ( <quoted_string> | none );
         interface-interval <integer>;
-        ixfr-from-differences <boolean>;
+        ixfr-from-differences <ixfrdiff>;
         key-directory <quoted_string>;
         lame-ttl <integer>;
         listen-on [ port <integer> ] { <address_match_element>; ... };
         listen-on-v6 [ port <integer> ] { <address_match_element>; ... };
         maintain-ixfr-base <boolean>; // obsolete
+        masterfile-format ( text | raw );
         match-mapped-addresses <boolean>;
+        max-acache-size <size_no_default>;
         max-cache-size <size_no_default>;
         max-cache-ttl <integer>;
+        max-clients-per-query <integer>;
         max-ixfr-log-size <size>; // obsolete
         max-journal-size <size_no_default>;
         max-ncache-ttl <integer>;
@@ -108,6 +136,8 @@
         max-transfer-idle-out <integer>;
         max-transfer-time-in <integer>;
         max-transfer-time-out <integer>;
+        max-udp-size <integer>;
+        memstatistics <boolean>;
         memstatistics-file <quoted_string>;
         min-refresh-time <integer>;
         min-retry-time <integer>;
@@ -117,8 +147,11 @@
         multiple-cnames <boolean>; // obsolete
         named-xfer <quoted_string>; // obsolete
         notify <notifytype>;
+        notify-delay <integer>;
         notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
         notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
+        notify-to-soa <boolean>;
+        nsec3-test-zone <boolean>; // test only
         pid-file ( <quoted_string> | none );
         port <integer>;
         preferred-glue <string>;
@@ -126,11 +159,14 @@
         query-source <querysource4>;
         query-source-v6 <querysource6>;
         querylog <boolean>;
+        queryport-pool-ports <integer>; // obsolete
+        queryport-pool-updateinterval <integer>; // obsolete
         random-device <quoted_string>;
         recursing-file <quoted_string>;
         recursion <boolean>;
         recursive-clients <integer>;
         request-ixfr <boolean>;
+        request-nsid <boolean>;
         reserved-sockets <integer>;
         rfc2308-type1 <boolean>; // not yet implemented
         root-delegation-only [ exclude { <quoted_string>; ... } ];
@@ -139,7 +175,10 @@
         serial-queries <integer>; // obsolete
         serial-query-rate <integer>;
         server-id ( <quoted_string> | none |;
-        sig-validity-interval <integer>;
+        sig-signing-nodes <integer>;
+        sig-signing-signatures <integer>;
+        sig-signing-type <integer>;
+        sig-validity-interval <integer> [ <integer> ];
         sortlist { <address_match_element>; ... };
         stacksize <size>;
         statistics-file <quoted_string>;
@@ -158,20 +197,31 @@
         transfers-out <integer>;
         transfers-per-ns <integer>;
         treat-cr-as-space <boolean>; // obsolete
+        try-tcp-refresh <boolean>;
+        update-check-ksk <boolean>;
         use-alt-transfer-source <boolean>;
         use-id-pool <boolean>; // obsolete
         use-ixfr <boolean>;
+        use-queryport-pool <boolean>; // obsolete
         use-v4-udp-ports { <portrange>; ... };
         use-v6-udp-ports { <portrange>; ... };
         version ( <quoted_string> | none );
+        zero-no-soa-ttl <boolean>;
+        zero-no-soa-ttl-cache <boolean>;
         zone-statistics <boolean>;
 };
 
-server <netaddr> {
+server <netprefix> {
         bogus <boolean>;
         edns <boolean>;
+        edns-udp-size <integer>;
         keys <server_key>;
+        max-udp-size <integer>;
+        notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
+        notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
         provide-ixfr <boolean>;
+        query-source <querysource4>;
+        query-source-v6 <querysource6>;
         request-ixfr <boolean>;
         support-ixfr <boolean>; // obsolete
         transfer-format ( many-answers | one-answer );
@@ -180,15 +230,27 @@
         transfers <integer>;
 };
 
+statistics-channels {
+        inet ( <ipv4_address> | <ipv6_address> | * ) [ port ( <integer> | *
+            ) ] [ allow { <address_match_element>; ... } ];
+};
+
 trusted-keys { <string> <integer> <integer> <integer> <quoted_string>; ... };
 
 view <string> <optional_class> {
+        acache-cleaning-interval <integer>;
+        acache-enable <boolean>;
         additional-from-auth <boolean>;
         additional-from-cache <boolean>;
         allow-notify { <address_match_element>; ... };
         allow-query { <address_match_element>; ... };
+        allow-query-cache { <address_match_element>; ... };
+        allow-query-cache-on { <address_match_element>; ... };
+        allow-query-on { <address_match_element>; ... };
         allow-recursion { <address_match_element>; ... };
+        allow-recursion-on { <address_match_element>; ... };
         allow-transfer { <address_match_element>; ... };
+        allow-update { <address_match_element>; ... };
         allow-update-forwarding { <address_match_element>; ... };
         allow-v6-synthesis { <address_match_element>; ... }; // obsolete
         also-notify [ port <integer> ] { ( <ipv4_address> | <ipv6_address>
@@ -198,22 +260,39 @@
             * ) ];
         auth-nxdomain <boolean>; // default changed
         cache-file <quoted_string>;
+        check-integrity <boolean>;
+        check-mx ( fail | warn | ignore );
+        check-mx-cname ( fail | warn | ignore );
         check-names ( master | slave | response ) ( fail | warn | ignore );
+        check-sibling <boolean>;
+        check-srv-cname ( fail | warn | ignore );
+        check-wildcard <boolean>;
         cleaning-interval <integer>;
+        clients-per-query <integer>;
+        database <string>;
         dialup <dialuptype>;
         disable-algorithms <string> { <string>; ... };
+        disable-empty-zone <string>;
+        dlz <string> {
+                database <string>;
+        };
+        dnssec-accept-expired <boolean>;
         dnssec-enable <boolean>;
         dnssec-lookaside <string> trust-anchor <string>;
         dnssec-must-be-secure <string> <boolean>;
+        dnssec-validation <boolean>;
         dual-stack-servers [ port <integer> ] { ( <quoted_string> [ port
             <integer> ] | <ipv4_address> [ port <integer> ] |
             <ipv6_address> [ port <integer> ] ); ... };
         edns-udp-size <integer>;
+        empty-contact <string>;
+        empty-server <string>;
+        empty-zones-enable <boolean>;
         fetch-glue <boolean>; // obsolete
         forward ( first | only );
         forwarders [ port <integer> ] { ( <ipv4_address> | <ipv6_address> )
             [ port <integer> ]; ... };
-        ixfr-from-differences <boolean>;
+        ixfr-from-differences <ixfrdiff>;
         key <string> {
                 algorithm <string>;
                 secret <string>;
@@ -221,11 +300,14 @@
         key-directory <quoted_string>;
         lame-ttl <integer>;
         maintain-ixfr-base <boolean>; // obsolete
+        masterfile-format ( text | raw );
         match-clients { <address_match_element>; ... };
         match-destinations { <address_match_element>; ... };
         match-recursive-only <boolean>;
+        max-acache-size <size_no_default>;
         max-cache-size <size_no_default>;
         max-cache-ttl <integer>;
+        max-clients-per-query <integer>;
         max-ixfr-log-size <size>; // obsolete
         max-journal-size <size_no_default>;
         max-ncache-ttl <integer>;
@@ -235,6 +317,7 @@
         max-transfer-idle-out <integer>;
         max-transfer-time-in <integer>;
         max-transfer-time-out <integer>;
+        max-udp-size <integer>;
         min-refresh-time <integer>;
         min-retry-time <integer>;
         min-roots <integer>; // not implemented
@@ -241,23 +324,37 @@
         minimal-responses <boolean>;
         multi-master <boolean>;
         notify <notifytype>;
+        notify-delay <integer>;
         notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
         notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
+        notify-to-soa <boolean>;
+        nsec3-test-zone <boolean>; // test only
         preferred-glue <string>;
         provide-ixfr <boolean>;
         query-source <querysource4>;
         query-source-v6 <querysource6>;
+        queryport-pool-ports <integer>; // obsolete
+        queryport-pool-updateinterval <integer>; // obsolete
         recursion <boolean>;
         request-ixfr <boolean>;
+        request-nsid <boolean>;
         rfc2308-type1 <boolean>; // not yet implemented
         root-delegation-only [ exclude { <quoted_string>; ... } ];
         rrset-order { [ class <string> ] [ type <string> ] [ name
             <quoted_string> ] <string> <string>; ... };
-        server <netaddr> {
+        server <netprefix> {
                 bogus <boolean>;
                 edns <boolean>;
+                edns-udp-size <integer>;
                 keys <server_key>;
+                max-udp-size <integer>;
+                notify-source ( <ipv4_address> | * ) [ port ( <integer> | *
+                    ) ];
+                notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer>
+                    | * ) ];
                 provide-ixfr <boolean>;
+                query-source <querysource4>;
+                query-source-v6 <querysource6>;
                 request-ixfr <boolean>;
                 support-ixfr <boolean>; // obsolete
                 transfer-format ( many-answers | one-answer );
@@ -267,7 +364,10 @@
                     <integer> | * ) ];
                 transfers <integer>;
         };
-        sig-validity-interval <integer>;
+        sig-signing-nodes <integer>;
+        sig-signing-signatures <integer>;
+        sig-signing-type <integer>;
+        sig-validity-interval <integer> [ <integer> ];
         sortlist { <address_match_element>; ... };
         suppress-initial-notify <boolean>; // not yet implemented
         topology { <address_match_element>; ... }; // not implemented
@@ -276,10 +376,16 @@
         transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
         trusted-keys { <string> <integer> <integer> <integer>
             <quoted_string>; ... };
+        try-tcp-refresh <boolean>;
+        update-check-ksk <boolean>;
         use-alt-transfer-source <boolean>;
+        use-queryport-pool <boolean>; // obsolete
+        zero-no-soa-ttl <boolean>;
+        zero-no-soa-ttl-cache <boolean>;
         zone <string> <optional_class> {
                 allow-notify { <address_match_element>; ... };
                 allow-query { <address_match_element>; ... };
+                allow-query-on { <address_match_element>; ... };
                 allow-transfer { <address_match_element>; ... };
                 allow-update { <address_match_element>; ... };
                 allow-update-forwarding { <address_match_element>; ... };
@@ -289,7 +395,13 @@
                     <integer> | * ) ];
                 alt-transfer-source-v6 ( <ipv6_address> | * ) [ port (
                     <integer> | * ) ];
+                check-integrity <boolean>;
+                check-mx ( fail | warn | ignore );
+                check-mx-cname ( fail | warn | ignore );
                 check-names ( fail | warn | ignore );
+                check-sibling <boolean>;
+                check-srv-cname ( fail | warn | ignore );
+                check-wildcard <boolean>;
                 database <string>;
                 delegation-only <boolean>;
                 dialup <dialuptype>;
@@ -300,8 +412,10 @@
                 ixfr-base <quoted_string>; // obsolete
                 ixfr-from-differences <boolean>;
                 ixfr-tmp-file <quoted_string>; // obsolete
+                journal <quoted_string>;
                 key-directory <quoted_string>;
                 maintain-ixfr-base <boolean>; // obsolete
+                masterfile-format ( text | raw );
                 masters [ port <integer> ] { ( <masters> | <ipv4_address> [
                     port <integer> ] | <ipv6_address> [ port <integer> ] )
                     [ key <string> ]; ... };
@@ -317,23 +431,33 @@
                 min-retry-time <integer>;
                 multi-master <boolean>;
                 notify <notifytype>;
+                notify-delay <integer>;
                 notify-source ( <ipv4_address> | * ) [ port ( <integer> | *
                     ) ];
                 notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer>
                     | * ) ];
+                notify-to-soa <boolean>;
+                nsec3-test-zone <boolean>; // test only
                 pubkey <integer> <integer> <integer>
                     <quoted_string>; // obsolete
-                sig-validity-interval <integer>;
+                sig-signing-nodes <integer>;
+                sig-signing-signatures <integer>;
+                sig-signing-type <integer>;
+                sig-validity-interval <integer> [ <integer> ];
                 transfer-source ( <ipv4_address> | * ) [ port ( <integer> |
                     * ) ];
                 transfer-source-v6 ( <ipv6_address> | * ) [ port (
                     <integer> | * ) ];
+                try-tcp-refresh <boolean>;
                 type ( master | slave | stub | hint | forward |
                     delegation-only );
+                update-check-ksk <boolean>;
                 update-policy { ( grant | deny ) <string> ( name |
-                    subdomain | wildcard | self ) <string> <rrtypelist>;
-                    ... };
+                    subdomain | wildcard | self | selfsub | selfwild |
+                    krb5-self | ms-self | krb5-subdomain | ms-subdomain |
+                    tcp-self | 6to4-self ) <string> <rrtypelist>; ... };
                 use-alt-transfer-source <boolean>;
+                zero-no-soa-ttl <boolean>;
                 zone-statistics <boolean>;
         };
         zone-statistics <boolean>;
@@ -342,6 +466,7 @@
 zone <string> <optional_class> {
         allow-notify { <address_match_element>; ... };
         allow-query { <address_match_element>; ... };
+        allow-query-on { <address_match_element>; ... };
         allow-transfer { <address_match_element>; ... };
         allow-update { <address_match_element>; ... };
         allow-update-forwarding { <address_match_element>; ... };
@@ -350,7 +475,13 @@
         alt-transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
         alt-transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> |
             * ) ];
+        check-integrity <boolean>;
+        check-mx ( fail | warn | ignore );
+        check-mx-cname ( fail | warn | ignore );
         check-names ( fail | warn | ignore );
+        check-sibling <boolean>;
+        check-srv-cname ( fail | warn | ignore );
+        check-wildcard <boolean>;
         database <string>;
         delegation-only <boolean>;
         dialup <dialuptype>;
@@ -361,8 +492,10 @@
         ixfr-base <quoted_string>; // obsolete
         ixfr-from-differences <boolean>;
         ixfr-tmp-file <quoted_string>; // obsolete
+        journal <quoted_string>;
         key-directory <quoted_string>;
         maintain-ixfr-base <boolean>; // obsolete
+        masterfile-format ( text | raw );
         masters [ port <integer> ] { ( <masters> | <ipv4_address> [ port
             <integer> ] | <ipv6_address> [ port <integer> ] ) [ key
             <string> ]; ... };
@@ -378,16 +511,27 @@
         min-retry-time <integer>;
         multi-master <boolean>;
         notify <notifytype>;
+        notify-delay <integer>;
         notify-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
         notify-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
+        notify-to-soa <boolean>;
+        nsec3-test-zone <boolean>; // test only
         pubkey <integer> <integer> <integer> <quoted_string>; // obsolete
-        sig-validity-interval <integer>;
+        sig-signing-nodes <integer>;
+        sig-signing-signatures <integer>;
+        sig-signing-type <integer>;
+        sig-validity-interval <integer> [ <integer> ];
         transfer-source ( <ipv4_address> | * ) [ port ( <integer> | * ) ];
         transfer-source-v6 ( <ipv6_address> | * ) [ port ( <integer> | * ) ];
+        try-tcp-refresh <boolean>;
         type ( master | slave | stub | hint | forward | delegation-only );
+        update-check-ksk <boolean>;
         update-policy { ( grant | deny ) <string> ( name | subdomain |
-            wildcard | self ) <string> <rrtypelist>; ... };
+            wildcard | self | selfsub | selfwild | krb5-self | ms-self |
+            krb5-subdomain | ms-subdomain | tcp-self | 6to4-self ) <string>
+            <rrtypelist>; ... };
         use-alt-transfer-source <boolean>;
+        zero-no-soa-ttl <boolean>;
         zone-statistics <boolean>;
 };