[dns-operations] Implementation of negative trust anchors?

David Conrad drc at virtualized.org
Fri Aug 23 14:19:07 UTC 2013


On Aug 22, 2013, at 3:19 PM, Paul Hoffman <paul.hoffman at vpnc.org> wrote:
> On Aug 22, 2013, at 2:47 PM, David Conrad <drc at virtualized.org> wrote:
>> A resolver operator deploying an NTA is making an assertion that data behind a name is safe despite protocol indications that is may not be.
> 
> Where is that stated? I ask, because it would seem that a better description would be that they are asserting that the data behind a name is unprotected by DNSSSEC.

Apologies for using shorthand.  The term 'safe' in my comment meant that it was what was intended by the zone editor.

Regards,
-drc

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.dns-oarc.net/pipermail/dns-operations/attachments/20130823/232a7d7e/attachment.sig>


More information about the dns-operations mailing list