http://www.rfc-editor.org/rfc/rfc7646.txt
RFC 7646: Definition and Use of DNSSEC Negative Trust Anchors, P. Ebersman, W. Kumari, C. Griffiths, J. Livingood, R. Weber2015-09-01T23:00:00-00:00DNS Security Extensions (DNSSEC) is now entering widespread deployment. However, domain signing tools and processes are not yet as mature and reliable as those for non-DNSSEC-related domain administration tools and processes. This document defines Negative Trust Anchors (NTAs), which can be used to mitigate DNSSEC validation failures by disabling DNSSEC validation at specified domains.