Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

DNSSEC Opt-In
draft-blacka-dnssec-opt-in-01

Versions:

This document is an Internet-Draft (I-D). Anyone may submit an I-D to the IETF. This I-D is not endorsed by the IETF and has no formal standing in the IETF standards process.

Document	Type	Expired Internet-Draft (individual) Expired & archived
	Author	Roy Arends
	Last updated	2004-12-27
	RFC stream	(None)
	Intended RFC status	(None)
	Formats	txt htmlized bibtex bibxml
Stream	Stream state	(No stream defined)
	Consensus boilerplate	Unknown
	RFC Editor Note	(None)
IESG	IESG state	Expired
	Telechat date	(None)
	Responsible AD	(None)
	Send notices to	(None)

Email authors IPR References Referenced by Nits Search email archive

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

txt htmlized bibtex bibxml

Abstract

In DNSSEC (RFC 2535bis, [3], [4], and [5]), delegations to unsigned subzones are cryptographically secured. Maintaining this cryptography is not practical or necessary. This document describes an experimental 'Opt-In' model that allows administrators to omit this cryptography and manage the cost of adopting DNSSEC with large zones.

Authors

Roy Arends

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)

DNSSEC Opt-In draft-blacka-dnssec-opt-in-01

DNSSEC Opt-In
draft-blacka-dnssec-opt-in-01