Skip to main content

Aggressive Use of DNSSEC-Validated Cache
draft-ietf-dnsop-nsec-aggressiveuse-10

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: tjw.ietf@gmail.com, The IESG <iesg@ietf.org>, dnsop-chairs@ietf.org, dnsop@ietf.org, draft-ietf-dnsop-nsec-aggressiveuse@ietf.org, Tim Wicinski <tjw.ietf@gmail.com>, rfc-editor@rfc-editor.org, terry.manderson@icann.org
Subject: Protocol Action: 'Aggressive use of DNSSEC-validated Cache' to Proposed Standard (draft-ietf-dnsop-nsec-aggressiveuse-10.txt)

The IESG has approved the following document:
- 'Aggressive use of DNSSEC-validated Cache'
  (draft-ietf-dnsop-nsec-aggressiveuse-10.txt) as Proposed Standard

This document is the product of the Domain Name System Operations Working
Group.

The IESG contact persons are Warren Kumari, Benoit Claise and Terry Manderson.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-nsec-aggressiveuse/


Ballot Text

Technical Summary

This document specifies the use of NSEC/NSEC3 resource records to
allow  DNSSEC validating resolvers to generate negative answers within
a range, and positive answers from wildcards.  This increases
performance / decreases latency, decreases resource utilization on
both authoritative and recursive servers, and also increases privacy.
It may also help increase resilience to certain DoS attacks in some
circumstances.

Working Group Summary

Well reviewed by WG, nothing from the WG ML to suggest dissent.

Document Quality

Quality appears good.

Personnel

Document Shepherd: Tim Wicinski
AD: Terry Manderson; was Joel who hand-balled it to Warren, and he is an author.. 

RFC Editor Note