[dns-operations] Implementation of negative trust anchors?
Evan Hunt
each at isc.org
Fri Aug 23 19:37:41 UTC 2013
> The best bet to keep them from a static "validation off" is an
> automatically sunsetting form.
"rndc nta ." (as I envision it) would be functionally equivalent to an
automatically sunsetting "validation off".
> I can't believe you're seriously suggesting that words in any IETF
> document telling people to use narrow NTAs would have any effect
> on resolver operators.
Of course not, but it could affect the choices made by DNS implementors.
(I expect to pay attention to Jason's draft if and when I implement this
feature.)
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the dns-operations
mailing list