I-D Action: draft-livingood-negative-trust-anchors-04.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



A New Internet-Draft is available from the on-line Internet-Drafts directories.


	Title           : Definition and Use of DNSSEC Negative Trust Anchors
	Author(s)       : Jason Livingood
                          Chris Griffiths
	Filename        : draft-livingood-negative-trust-anchors-04.txt
	Pages           : 15
	Date            : 2013-02-17

Abstract:
   DNS Security Extensions (DNSSEC) is now entering widespread
   deployment.  However, domain signing tools and processes are not yet
   as mature and reliable as is the case for non-DNSSEC-related domain
   administration tools and processes.  One potential technique to
   mitigate this is to use a Negative Trust Anchor, which is defined in
   this document.

   This document discusses Trust Anchors for DNSSEC and defines a
   Negative Trust Anchor, which is potentially useful during the
   transition to ubiquitous DNSSEC deployment.  These are configured
   locally on a particular instance of a validating DNS recursive
   resolver and can shield end users of such a resolver from the DNSSEC-
   related authoritative name server operational errors that appear to
   be somewhat typical during the transition to ubiquitous DNSSEC
   deployment.  Negative Trust Anchors are intended to be temporary, and
   should not be distributed by IANA or any other organization outside
   of the administrative boundary of the organization locally
   implementing a Negative Trust Anchor.  Finally, Negative Trust
   Anchors pertain only to DNSSEC and not to Public Key Infrastructures
   (PKI) such ad X.509.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-livingood-negative-trust-anchors

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-livingood-negative-trust-anchors-04

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-livingood-negative-trust-anchors-04


Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt


[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux