DNSSEC Validator Requirements

The information below is for an old version of the document
Document Type Expired Internet-Draft (individual)
Authors Daniel Migault  , Edward Lewis  , Dan York 
Last updated 2019-06-01 (latest revision 2018-11-28)
Replaced by draft-ietf-dnsop-dnssec-validator-requirements
Stream (None)
Expired & archived
pdf htmlized bibtex
Additional Resources
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The DNS Security Extensions define a process for validating received data and assert them authentic and complete as opposed to forged. This document describes what is needed in implementations to make the validation process manageable Considerations for accurate time as well as management of the trust anchor store.


Daniel Migault (daniel.migault@ericsson.com)
Edward Lewis (edward.lewis@icann.org)
Dan York (york@isoc.org)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)