> Nonetheless, the significant deployment of
> DNSSEC within some top-level domains (TLDs), and the near-universal
> deployment of DNSSEC in the TLDs, demonstrate that DNSSEC is suitable
> for implementation by both ordinary and highly sophisticated domain
> owners.
Maybe it's my lack of dns
Hello.
This line is misleading, I believe:
- RFC8198 describes how a validating resolver can emit fewer queries
in signed zones that
use NSEC for negative caching.
That RFC describes aggressive caching also for NSEC3 and (positive)
wildcards. (Of course, opt-out NSEC3 records are
Hello,
On Thu, 2022-07-28 at 15:06 -0400, Tim Wicinski wrote:
> All
>
>
> This starts a Working Group Last Call for aft-ietf-dnsop-dnssec-bcp,
> "DNS Security Extensions (DNSSEC)"
>
> Current versions of the draft is available here:
> https://datatracker.ie
All
This starts a Working Group Last Call for aft-ietf-dnsop-dnssec-bcp,
"DNS Security Extensions (DNSSEC)"
Current versions of the draft is available here:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-dnssec-bcp/
The Current Intended Status of this document is: Best Curren