{
  "draft": "draft-ietf-dnsext-dnssec-opt-in-09",
  "doc_id": "RFC4956",
  "title": "DNS Security (DNSSEC) Opt-In",
  "authors": [
    "R. Arends",
    "M. Kosters",
    "D. Blacka"
  ],
  "format": [
    "TEXT",
    "HTML"
  ],
  "page_count": "17",
  "pub_status": "EXPERIMENTAL",
  "status": "EXPERIMENTAL",
  "source": "DNS Extensions",
  "abstract": "In the DNS security (DNSSEC) extensions, delegations to unsigned subzones are cryptographically secured.  Maintaining this cryptography is not always practical or necessary.  This document describes an experimental \"Opt-In\" model that allows administrators to omit this cryptography and manage the cost of adopting DNSSEC with large zones.  This memo defines an Experimental Protocol for the Internet community.",
  "pub_date": "July 2007",
  "keywords": [
    "domain namespace"
  ],
  "obsoletes": [],
  "obsoleted_by": [],
  "updates": [],
  "updated_by": [],
  "see_also": [],
  "doi": "10.17487/RFC4956",
  "errata_url": "https://www.rfc-editor.org/errata/rfc4956"
}