Internet-Draft draft-ietf-dnsop-ns-revalidation-11.txt is now available. It is
a work item of the Domain Name System Operations (DNSOP) WG of the IETF.
Title: Delegation Revalidation by DNS Resolvers
Authors: Shumon Huque
Paul Vixie
Willem Toorop
Name: draft-ietf-dnsop-ns-revalidation-11.txt
Pages: 17
Dates: 2025-10-19
Abstract:
This document describes an optional algorithm for the processing of
Name Server (NS) resource record (RR) sets (RRsets) during iterative
resolution, and describes the benefits and considerations of using
this approach. When following a referral response from an
authoritative server to a child zone, DNS resolvers should explicitly
query the authoritative NS RRset at the apex of the child zone and
cache this in preference to the NS RRset on the parent side of the
zone cut. The (A and AAAA) address RRsets in the additional section
from referral responses and authoritative NS answers for the names of
the NS RRset, should similarly be re-queried and used to replace the
entries with the lower trustworthiness ranking in cache. Resolvers
should also periodically revalidate the delegation by re-querying the
parent zone at the expiration of the TTL of either the parent or
child NS RRset, whichever comes first.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-dnsop-ns-revalidation/
There is also an HTMLized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-ns-revalidation-11
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-dnsop-ns-revalidation-11
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
