A new Request for Comments is now available in online RFC libraries.
RFC 7129
Title: Authenticated Denial of Existence in the DNS
Author: R. Gieben, W. Mekking
Status: Informational
Stream: Independent
Date: February 2014
Mailbox: miek@google.com,
matthijs@nlnetlabs.nl
Pages: 30
Characters: 62936
Updates/Obsoletes/SeeAlso: None
I-D Tag: draft-gieben-auth-denial-of-existence-dns-05.txt
URL: http://www.rfc-editor.org/rfc/rfc7129.txt
Authenticated denial of existence allows a resolver to validate that
a certain domain name does not exist. It is also used to signal that
a domain name exists but does not have the specific resource record
(RR) type you were asking for. When returning a negative DNS
Security Extensions (DNSSEC) response, a name server usually includes
up to two NSEC records. With NSEC version 3 (NSEC3), this amount is
three.
This document provides additional background commentary and some
context for the NSEC and NSEC3 mechanisms used by DNSSEC to provide
authenticated denial-of-existence responses.
INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.
This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
http://www.ietf.org/mailman/listinfo/ietf-announce
http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
For searching the RFC series, see http://www.rfc-editor.org/search
For downloading RFCs, see http://www.rfc-editor.org/rfc.html
Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.
The RFC Editor Team
Association Management Solutions, LLC
