blank.gif (43 bytes)

Church Of The
Swimming Elephant

5. Non-existent Names and Types Connected: An Internet Encyclopedia
5. Non-existent Names and Types

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 2065
Prev: 4.5 File Representation of SIG RRs
Next: 5.1 The NXT Resource Record

5. Non-existent Names and Types

5. Non-existent Names and Types

The SIG RR mechanism described in Section 4 above provides strong authentication of RRs that exist in a zone. But is it not clear above how to authenticatably deny the existence of a name in a zone or a type for an existent name.

The nonexistence of a name in a zone is indicated by the NXT ("next") RR for a name interval containing the nonexistent name. A NXT RR and its SIG are returned in the authority section, along with the error, if the server is security aware. The same is true for a non-existent type under an existing name. This is a change in the existing standard which contemplates only NS and SOA RRs in the authority section. NXT RRs will also be returned if an explicit query is made for the NXT type.

The existence of a complete set of NXT records in a zone means that any query for any name and any type to a security aware server serving the zone will always result in an reply containing at least one signed RR.

NXT RRs do not appear in zone master files since they can be derived from the rest of the zone.

Next: 5.1 The NXT Resource Record

Connected: An Internet Encyclopedia
5. Non-existent Names and Types


Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!

Service Details

Have you gone to church today?
All pages ©1999, 2000, 2001, 2002, 2003 Church of the Swimming Elephant unless otherwise stated
Church of the Swimming Elephant©1999, 2000, 2001, 2002, 2003 is a wholly owned subsidiary of Packetderm, LLC.

Packetderm, LLC
210 Park Ave #308
Worcester, MA 01609