From: DNSOP <[email protected]> On Behalf Of Shumon Huque
Sent: Tuesday, July 27, 2021 7:35 PM
To: [email protected] WG <[email protected]>
Subject: [EXTERNAL] [DNSOP] Empty Non-Terminal sentinel for Black Lies
Caution: This email originated from outside the organization. Do not click
links or open attachments unless you recognize the sender and know the content
is safe.
Folks,
While we have the attention of DNSOP folks this week, I'd like to ask for
review of this draft (I meant to send it earlier in time for f2f discussion on
Tuesday, but better late than never).
https://datatracker.ietf.org/doc/html/draft-huque-dnsop-blacklies-ent-01<https://secure-web.cisco.com/1YTiuVe-DvVNG7ASvMGQwCQ_8P7vWlgGf0Klt0graLQOeSAlwlixroDJUbX3WZFF7Kn7TnRPBnnT3jfDtB2AfUYYX468YiRX2sIyZzlQ3sediqxtTR-XIa4_4vwDY4lHxuasRtJeUrqBhyMoNiLmj6rJ9J7ncpk8MebTabpy5-0YnN5-J-72HOg3al-8ffhW4wx4q0w-xItD3WtYcLR5vo2qQ2b7IBUstbtpTaDK8oHJ3o4RpCDp4Z16ClGXNxCvP/https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-huque-dnsop-blacklies-ent-01>
Excerpt:
Empty Non-Terminal Sentinel for Black Lies
Abstract
The Black Lies method of providing compact DNSSEC denial of existence
proofs has some operational implications. Depending on the specific
implementation, it may provide no way to reliably distinguish Empty
Non-Terminal names from names that actually do not exist. This draft
describes the use of a synthetic DNS resource record type to act as
an explicit signal for Empty Non-Terminal names and which is conveyed
in an NSEC type bitmap.
[SAH] Something to consider:
https://www.ietf.org/about/groups/iesg/statements/on-inclusive-language/
“The “black lies” term may get called into question.
Scott
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
