On 02/10/13 11:31, Mark Andrews wrote:
Also TSIG signatures are preserved when UPDATE requests are forwarded.
TSIG was designed to allow signed messages to be forwarded. The
ID field is not covered by the the TSIG to allow the message to be
forwarded. The slave does NOT have to know the shared TSIG secret
Interesting, I did not know that.
Presumably this is only true for "stateless" TSIG mechanisms, and not
those involving TKEY e.g. GSSAPI?
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
