Folks,
While we have the attention of DNSOP folks this week, I'd like to ask for
review of this draft (I meant to send it earlier in time for f2f discussion
on Tuesday, but better late than never).
https://datatracker.ietf.org/doc/html/draft-huque-dnsop-blacklies-ent-01
Excerpt:
Empty Non-Terminal Sentinel for Black Lies
Abstract
The Black Lies method of providing compact DNSSEC denial of existence
proofs has some operational implications. Depending on the specific
implementation, it may provide no way to reliably distinguish Empty
Non-Terminal names from names that actually do not exist. This draft
describes the use of a synthetic DNS resource record type to act as
an explicit signal for Empty Non-Terminal names and which is conveyed
in an NSEC type bitmap.
[...]
Thanks!
Shumon.
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
