DNSSEC Strict Mode
draft-schwartz-dnsop-dnssec-strict-mode-00
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Author | Benjamin M. Schwartz | ||
Last updated | 2021-08-26 (Latest revision 2021-02-22) | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
Currently, the DNSSEC security of a zone is limited by the strength of its weakest signature algorithm. DNSSEC Strict Mode makes zones as secure as their strongest algorithm instead. Discussion Venues This note is to be removed before publishing as an RFC. Discussion of this document takes place on the mailing list (dnsop@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/dnsop/. Source for this draft and an issue tracker can be found at https://github.com/bemasc/dnssec-strict-mode.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)