Skip to main content

Definition and Use of DNSSEC Negative Trust Anchors
draft-livingood-dnsop-negative-trust-anchors-01

Document Type Expired Internet-Draft (individual)
Authors P Ebersman , Chris Griffiths , Warren "Ace" Kumari , Jason Livingood , Ralf Weber
Last updated 2021-06-25 (Latest revision 2014-10-23)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

DNS Security Extensions (DNSSEC) is now entering widespread deployment. However, domain signing tools and processes are not yet as mature and reliable as those for non-DNSSEC-related domain administration tools and processes. Negative Trust Anchors (described in this document) can be used to mitigate DNSSEC validation failures. [ Editor note: This document was originally draft-livingood-negative- trust-anchors-07 - renamved at the request of the DNSOP chairs ]

Authors

P Ebersman
Chris Griffiths
Warren "Ace" Kumari
Jason Livingood
Ralf Weber

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)