Is everyone monitoring the SVN? I've been out for a while, and just brought up the SVN changelog.
Wouter has been busy!! 
<http://unbound.nlnetlabs.nl/svn/trunk/doc/Changelog>
e.g.
12 September 2008: Wouter
- removed browser control mentions. Proto speccy.
11 September 2008: Wouter
- set nonblocking on new TCP streams, because linux does not inherit
the socket options to the accepted socket.
- fix TCP timeouts.
- SSL protected connection between server and unbound-control.
10 September 2008: Wouter
- remove memleak in privacy addresses on reloads and quits.
- remote control work.
9 September 2008: Wouter
- smallapp/unbound-control-setup.sh script to set up certificates.
4 September 2008: Wouter
- scrubber scrubs away private addresses.
- test for private addresses. man page entry.
- code refactored for name and address tree lookups.
3 September 2008: Wouter
- options for 'DNS Rebinding' protection: private-address and
private-domain.
- dnstree for reuse of routines that help with domain, addr lookups.
- private-address and private-domain config option read, stored.
2 September 2008: Wouter
- DoS protection features. Queries are jostled out to make room.
- testbound can pass time, increasing the internal timer.
- do not mark unsigned additionals bogus, leave unchecked, which
is removed too.
1 September 2008: Wouter
- disallow nonrecursive queries for cache snooping by default.
You can allow is using access-control: <subnet> allow_snoop.
The defaults do allow access no authoritative data without RD bit.
- two tests for it and fixups of tests for nonrec refused.
29 August 2008: Wouter
- version 1.1 number in trunk.
- harden-referral-path option for query for NS records.
Default turns off expensive, experimental option.
<snip>
