@misc{rfc8145,
    series =    {Request for Comments},
    number =    8145,
    howpublished =  {RFC 8145},
    publisher = {RFC Editor},
    doi =       {10.17487/RFC8145},
    url =       {https://www.rfc-editor.org/info/rfc8145},
    author =    {Duane Wessels and Warren "Ace" Kumari and Paul E. Hoffman},
    title =     {{Signaling Trust Anchor Knowledge in DNS Security Extensions (DNSSEC)}},
    pagetotal = 13,
    year =      2017,
    month =     apr,
    abstract =  {The DNS Security Extensions (DNSSEC) were developed to provide origin authentication and integrity protection for DNS data by using digital signatures. These digital signatures can be verified by building a chain of trust starting from a trust anchor and proceeding down to a particular node in the DNS. This document specifies two different ways for validating resolvers to signal to a server which keys are referenced in their chain of trust. The data from such signaling allow zone administrators to monitor the progress of rollovers in a DNSSEC-signed zone.},
}