IETF Logo Mail Archive

[DNSOP] I-D Action: draft-ietf-dnsop-nsec-aggressiveuse-02.txt

internet-drafts@ietf.org Tue, 13 September 2016 15:28 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: dnsop@ietf.org
Delivered-To: dnsop@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A34E12B3E4; Tue, 13 Sep 2016 08:28:03 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.33.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <147378048323.23516.13638129997007497154.idtracker@ietfa.amsl.com>
Date: Tue, 13 Sep 2016 08:28:03 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/9T3161z47g6ZrcuG84RlvPaM5l8>
Cc: dnsop@ietf.org
Subject: [DNSOP] I-D Action: draft-ietf-dnsop-nsec-aggressiveuse-02.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Sep 2016 15:28:03 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Domain Name System Operations of the IETF.

        Title           : Aggressive use of NSEC/NSEC3
        Authors         : Kazunori Fujiwara
                          Akira Kato
                          Warren Kumari
	Filename        : draft-ietf-dnsop-nsec-aggressiveuse-02.txt
	Pages           : 13
	Date            : 2016-09-13

Abstract:
   The DNS relies upon caching to scale; however, the cache lookup
   generally requires an exact match.  This document specifies the use
   of NSEC/NSEC3 resource records to generate negative answers within a
   range.  This increases performance / decreases latency, decreases
   resource utilization on both authoritative and recursive servers, and
   also increases privacy.  It may also help increase resilience to
   certain DoS attacks in some circumstances.

   This document updates RFC4035 by allowing resolvers to generate
   negative answers based upon NSEC/NSEC3 records.

   [ Ed note: Text inside square brackets ([]) is additional background
   information, answers to frequently asked questions, general musings,
   etc.  They will be removed before publication.This document is being
   collaborated on in Github at: https://github.com/wkumari/draft-ietf-
   dnsop-nsec-aggressiveuse.  The most recent version of the document,
   open issues, etc should all be available here.  The authors
   (gratefully) accept pull requests.

   Known / open issues [To be moved to Github issue tracker]:


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-nsec-aggressiveuse/

There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-dnsop-nsec-aggressiveuse-02

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-nsec-aggressiveuse-02


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

v2.31.3 | Report a Bug | By Email | System Status