[dns-operations] Implementation of negative trust anchors?
Ralf Weber
Ralf.Weber at nominum.com
Wed Aug 21 05:33:59 UTC 2013
Moin!
On 20.08.2013, at 20:14, Doug Barton <dougb at dougbarton.us> wrote:
> Rumor has it that Nominum and Fortidns have implementations for NTAs. Any truth to those rumors?
It's not a rumor. Nominum Vantio had this feature for some time now. As FortiDNS uses that for DNS resolution I guess it also has it.
> Anyone else have an implementation?
AFAIK Unbound also has that feature.
> Any patches for BIND?
I don't know.
> FWIW, I remain opposed to the idea, but trying to do due diligence.
I still like the idea as it is the only way for big resolver providers to deploy DNSSEC when there competitors have not.
So long
-Ralf
---
Ralf Weber
Senior Infrastructure Architect
Nominum Inc.
2000 Seaport Blvd. Suite 400
Redwood City, California 94063
ralf.weber at nominum.com
More information about the dns-operations
mailing list