{"draft":"draft-ietf-dnsop-negative-trust-anchors-13","doc_id":"RFC7646","title":"Definition and Use of DNSSEC Negative Trust Anchors","authors":["P. Ebersman","W. Kumari","C. Griffiths","J. Livingood","R. Weber"],"format":["ASCII","HTML"],"page_count":"16","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Domain Name System Operations","abstract":"DNS Security Extensions (DNSSEC) is now entering widespread\r\ndeployment.  However, domain signing tools and processes are not yet\r\nas mature and reliable as those for non-DNSSEC-related domain\r\nadministration tools and processes.  This document defines Negative\r\nTrust Anchors (NTAs), which can be used to mitigate DNSSEC validation\r\nfailures by disabling DNSSEC validation at specified domains.","pub_date":"September 2015","keywords":["NTA","ISP","Internet Service Provider","DNS","DNSSEC","Negative Trust Anchors"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC7646","errata_url":null}