@techreport{ietf-dnsext-signed-nonexistence-requirements-03,
    number =    {draft-ietf-dnsext-signed-nonexistence-requirements-03},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-dnsext-signed-nonexistence-requirements/03/},
    author =    {Rip Loomis and Ben Laurie},
    title =     {{Requirements related to DNSSEC Signed Proof of Non-Existence}},
    pagetotal = 14,
    year =      2006,
    month =     jun,
    day =       19,
    abstract =  {DNSSEC-bis uses the NSEC record to provide authenticated denial of existence of RRsets. NSEC also has the side-effect of permitting zone enumeration, even if zone transfers have been forbidden. Because some see this as a problem, this document has been assembled to detail the possible requirements for denial of existence A/K/A signed proof of non-existence.},
}