FORWARD: don't validate NS in authority section
Fixes knot/knot-resolver#248 Some (exotic?) resolvers add extra NS records but doesn't provide signatures for them even though we ask with +dnssec +cd. That lead to validation errors. Current example server: 220.127.116.11 Let's not try to validate them when FORWARDing, as we won't most likely need those records anyway (contrary to iteration mode).
Showing with 9 additions and 5 deletions