Skip to main content

DNSSEC Strict Mode
draft-schwartz-dnsop-dnssec-strict-mode-00

Document Type Expired Internet-Draft (individual)
Expired & archived
Author Benjamin M. Schwartz
Last updated 2021-08-26 (Latest revision 2021-02-22)
RFC stream (None)
Intended RFC status (None)
Formats
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

Currently, the DNSSEC security of a zone is limited by the strength of its weakest signature algorithm. DNSSEC Strict Mode makes zones as secure as their strongest algorithm instead. Discussion Venues This note is to be removed before publishing as an RFC. Discussion of this document takes place on the mailing list (dnsop@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/dnsop/. Source for this draft and an issue tracker can be found at https://github.com/bemasc/dnssec-strict-mode.

Authors

Benjamin M. Schwartz

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)