Hi,
Thank you for the report. Since bugzilla is down for maintenance I'll answer here.
> RFC2535 - 6.1 The AD and CD Header Bits
>
>
> Two previously unused bits are allocated out of the DNS
> query/response format header. The AD (authentic data) bit indicates
> in a response that all the data included in the answer and authority
> portion of the response has been authenticated by the server
> according to the policies of that server. The CD (checking disabled)
> bit indicates in a query that Pending (non-authenticated) data is
> acceptable to the resolver sending the query.
I fail to see the problem here. CD is relevant only in query, AD is relevant
only in reply. That is what is decoded.
Thanx,
Jaap