RFC 7646 -Definition and Use of DNSSEC Negative Trust Anchors

Warren Kumari

Jason Livingood

Chris Griffiths

IETF RFCs, Internet Engineering Task Force (2015), pp. 15

Google Scholar

Abstract

DNS Security Extensions (DNSSEC) is now entering widespread deployment. However, domain signing tools and processes are not yet as mature and reliable as those for non-DNSSEC-related domain administration tools and processes. This document defines Negative Trust Anchors (NTAs), which can be used to mitigate DNSSEC validation failures by disabling DNSSEC validation at specified domains.

Research Areas

Human-computer interaction and visualization
Anti abuse

Explore our many areas of focus

Building a collaborative ecosystem

Shaping the future together

Translating discovery into real-world impact

RFC 7646 -Definition and Use of DNSSEC Negative Trust Anchors

Abstract

Research Areas

Meet the teams driving innovation

Google AI

Google Cloud

Google DeepMind

Google Labs