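@comment{
  Individual Internet-Draft, revision -00, marked "Work in Progress".
  Cite it with its revision number, since a draft is not a stable reference.
  Security relevance: the abstract identifies clear-text zone transfers as an
  eavesdropping risk and restricts XFR using DSO to TLS. For the standardized
  encrypted zone-transfer mechanism, see RFC 9103 (DNS Zone Transfer over TLS).
}
@techreport{zatda-dprive-xfr-using-dso-00,
  author      = {Zhang, Han and Aras, Pallavi and Toorop, Willem and Dickinson, Sara and Mankin, Allison},
  title       = {{DNS} Zone Transfer using {DNS Stateful Operations}},
  type        = {Internet-Draft},
  number      = {draft-zatda-dprive-xfr-using-dso-00},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  year        = 2019,
  month       = jul,
  day         = 8,
  pagetotal   = 21,
  note        = {Work in Progress},
  url         = {https://datatracker.ietf.org/doc/draft-zatda-dprive-xfr-using-dso/00/},
  abstract    = {DNS zone transfers are transmitted in clear text, which gives attackers the opportunity to collect the content of a zone by eavesdropping on network connections. This document specifies use of DNS Stateful Operations to enable a subscribe/publish mechanism for zone transfers reducing the overhead introduced by NOTIFY/SOA interactions prior to zone transfer request. This additionally prevents zone contents collection via passive monitoring of zone transfers by restricting XFR using DSO to require TLS.},
}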