From 40b9aa2e0b931560bba46ddf4121d9b68f2cf1b8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0pa=C4=8Dek?= Date: Thu, 16 Jun 2022 16:54:12 +0200 Subject: [PATCH] Deduplicate max-zone-ttl definition in the ARM This is confusing as hell, but we cannot fix that in the manual itself. At least now the user is made aware of two distinct defaults. (cherry picked from commit 405a0931eab2c00326b7ac01163d56389f15d293) --- doc/arm/reference.rst | 24 ++++++++++-------------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index 2a407edbb9..a524a1354c 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -1784,14 +1784,19 @@ default is used. of ``text`` or ``raw``, any record encountered with a TTL higher than ``max-zone-ttl`` causes the zone to be rejected. - This is useful in DNSSEC-signed zones because when rolling to a new + This is needed in DNSSEC-maintained zones because when rolling to a new DNSKEY, the old key needs to remain available until RRSIG records have expired from caches. The ``max-zone-ttl`` option guarantees that the largest TTL in the zone is no higher than the set value. - The default value is ``unlimited``. A ``max-zone-ttl`` of zero is + In the :namedconf:ref:`options` and :namedconf:ref:`zone` blocks, + the default value is ``unlimited``. A ``max-zone-ttl`` of zero is treated as ``unlimited``. + In the :namedconf:ref:`dnssec-policy` block, + the default value is ``PT24H`` (24 hours). A ``max-zone-ttl`` of + zero is treated as if the default value were in use. + .. namedconf:statement:: stale-answer-ttl This specifies the TTL to be returned on stale answers. The default is 30 
@@ -5926,19 +5931,10 @@ The following options can be specified in a ``dnssec-policy`` statement: This is similar to ``signatures-validity``, but for DNSKEY records. The default is ``P2W`` (2 weeks). -.. namedconf:statement:: max-zone-ttl +``max-zone-ttl`` - Like the ``max-zone-ttl`` zone option, this specifies the maximum - permissible TTL value, in seconds, for the zone. - - This is needed in DNSSEC-maintained zones because when rolling to a - new DNSKEY, the old key needs to remain available until RRSIG - records have expired from caches. The ``max-zone-ttl`` option - guarantees that the largest TTL in the zone is no higher than the - set value. - - The default value is ``PT24H`` (24 hours). A ``max-zone-ttl`` of - zero is treated as if the default value were in use. + Like the :namedconf:ref:`max-zone-ttl` zone option, this specifies the maximum + permissible TTL value, in seconds, for the zone. .. namedconf:statement:: nsec3param
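Review bot: for the first hunk (``@@ -1784``), the two new default paragraphs still omit the one fact that would resolve the confusion the commit message mentions, namely which ``max-zone-ttl`` applies when a zone has the option set in its ``options``/``zone`` block and is also covered by a ``dnssec-policy``; add a sentence stating the precedence, since otherwise ``unlimited`` and ``PT24H`` read as two contradictory defaults for the same zone. Related: the zone-level text says a value of zero is treated as ``unlimited`` while the policy text says zero is treated as the default, and because both paragraphs now sit under the single ``max-zone-ttl`` statement entry, a short ``.. note::`` pointing out that the two zero semantics differ would help the reader.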
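Review bot: in the second hunk (``@@ -5926``), replacing ``.. namedconf:statement:: max-zone-ttl`` with the bare literal ``max-zone-ttl`` followed by the existing blank context line and then the indented paragraph means the indented text will parse as an RST block quote rather than as a definition, and the entry no longer matches its neighbours (``.. namedconf:statement:: nsec3param`` directly below keeps the directive); either drop the blank line so it parses as a definition-list item, or keep it a statement entry in some other way. Also, the retained wording "permissible TTL value, in seconds" now sits in the ``dnssec-policy`` section whose default is documented only as the ISO 8601 duration ``PT24H``, so "in seconds" should be reworded to reflect the duration syntax.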