%% You should probably cite rfc8198 instead of this I-D.
@techreport{ietf-dnsop-nsec-aggressiveuse-09,
    number =    {draft-ietf-dnsop-nsec-aggressiveuse-09},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-dnsop-nsec-aggressiveuse/09/},
    author =    {Kazunori Fujiwara and Akira Kato and Warren "Ace" Kumari},
    title =     {{Aggressive use of DNSSEC-validated Cache}},
    pagetotal = 16,
    year =      2017,
    month =     mar,
    day =       30,
    abstract =  {The DNS relies upon caching to scale; however, the cache lookup generally requires an exact match. This document specifies the use of NSEC/NSEC3 resource records to allow DNSSEC validating resolvers to generate negative answers within a range, and positive answers from wildcards. This increases performance / decreases latency, decreases resource utilization on both authoritative and recursive servers, and also increases privacy. It may also help increase resilience to certain DoS attacks in some circumstances. This document updates RFC4035 by allowing validating resolvers to generate negative answers based upon NSEC/NSEC3 records (and positive answers in the presence of wildcards). {[} Ed note: Text inside square brackets ({[}{]}) is additional background information, answers to frequently asked questions, general musings, etc. They will be removed before publication.This document is being collaborated on in Github at: https://github.com/wkumari/draft-ietf- dnsop-nsec-aggressiveuse. The most recent version of the document, open issues, etc should all be available here. The authors (gratefully) accept pull requests.{]}},
}