- Clients communicating via the :any:`controls` socket using configured keys
- Access to :any:`statistics-channels` from untrusted clients
- Sockets used for :any:`update-policy` type `external`
-- Configuring resources (views, zones, ...) with non-Internet (IN) Resource
- Record classes (like CHAOS or HESIOD)
+
+Problems that can only be triggered by configuring resources
+(views, zones, ...) with DNS classes other than Internet (IN), such as
+CHAOS (CH) or HESIOD (HS), cannot be the basis for CVE assignment or
+special security-sensitive handling of issues.
Certain aspects of the DNS protocol are left unspecified, such as the handling of
responses from DNS servers which do not fully conform to the DNS protocol. For