1. DNS/用語/in-bailiwick

http://www.faqs.org/rfcs/rfc7719.html RFC 7719 - DNS Terminology DNS/RFC/7719

https://kops.uni-konstanz.de/bitstream/handle/123456789/30298/Kaiser_0-267760.pdf 

Bailiwick rules are not specified in an RFC but [2] advises to
only accept in domain records among other tips to make DNS more secure.

私は毒盛対策の視点から、in-bailiwickをきちんと定義したいと思う。-- ToshinoriMaeno 2016-01-23 10:59:49

"in bailiwick dns" で検索してみた。  https://lists.isc.org/pipermail/bind-users/2003-July/045082.html 

the point is minimizing the number of servers you have to trust.

DJBが言い出した、というひとびとを見かけた。  https://lists.isc.org/pipermail/bind-users/2003-July/045075.html

I'd never heard this phrase before, so I had to go look see where it was used. Mostly by D. J. Bernstein, a bright guy who has trouble in discussing things without getting too emotional about them, so a lot of his good points get overlooked along with the bad ones. ;-] And he does have some good points; but by not being able to discuss them, he can't develop them as well as he might otherwise. For both reasons, therefore, no RFCs.

DNS/hitch-hiker/bailiwick-rule

The "bailiwick" of content DNS servers.

http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/dns-server-bailiwick.html 

The bailiwick of a content DNS server is quite a simple notion.
It is the domain that was used in the referral that directed a resolving proxy DNS server
to that content DNS server in the first place.
When a superdomain's content DNS servers issue a referral
saying "Ask those servers over there about that particular domain.",
then the domain in the referral is the bailiwick of the content DNS servers
when they come to be queried.

議論の余地がある。 

For another example: The Verisign/Network Solutions content DNS servers serve up information on names in "com." and "net.". Their bailiwick is "com." or "net.", depending from the query being resolved at the time, and hence from what domain the "." content DNS servers actually issued the referral pointing at them in the first place. 

the term in-bailiwick means that name server for a domain is in the same domain,
ie www.yourdomain.tld name server is ns.yourdomain.tld vs ns.otherdomain.tld

「内部名」と訳すひともいるのだが、曖昧だ。

http://cr.yp.to/djbdns/notes.html

2013/2/24 http://conference.apnic.net/__data/assets/pdf_file/0004/58846/yongjin_apricot2013_20130225_1361832625.pdf

What is glue A and why is it necessary?

https://archive.farsightsecurity.com/Passive_DNS/passive_dns_hardening_handout.pdf

Passive DNS Hardening - Farsight Security Archive

2. pdns

対応したのが 2011 年か。 http://mailman.powerdns.com/pipermail/pdns-users/2011-July/007939.html

3. Yeti DNS

http://lists.yeti-dns.org/pipermail/discuss/2015-August/000180.html

[Yeti DNS Discuss] Out-of-bailiwick glue in the root zone http://lists.yeti-dns.org/pipermail/discuss/2015-August/000181.html

Davey found this example (there are many more): 

abb.           172800 IN NS   d5.nstld.com.
d5.nstld.com.  172800 IN A    192.31.80.34

d5.nstld.com is under the .COM domain, and it is not glue for the .COM
domain itself. As I understand it, a careful resolver will ignore
this to avoid possibly corrupting its cache.

4. Root Zone Glue Handling

https://archive.icann.org/en/tlds/report-root-zone-glue-handling-nov09-en.pdf