DNSSEC Trust Anchor Publication for the Root Zone

The information below is for an old version of the document
Document Type Expired Internet-Draft (individual)
Authors Jakob Schlyter  , Joe Abley 
Last updated 2011-04-25 (latest revision 2010-10-19)
Stream (None)
Expired & archived
pdf htmlized bibtex
IETF conflict review conflict-review-jabley-dnssec-trust-anchor
Additional Resources
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The root zone of the Domain Name System (DNS) has been cryptographically signed using DNS Security Extensions (DNSSEC). In order to obtain secure answers from the root zone of the DNS using DNSSEC, a client must configure a suitable trust anchor. This document describes how such trust anchors are published.


Jakob Schlyter (jakob@kirei.se)
Joe Abley (joe.abley@icann.org)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)