>>>>> "Mark" == Mark Andrews <[email protected]> writes: Mark> It SHOULD be possible to configure a TSIG keys (plural) to authenticate Mark> dynamic updates of reverse zones. TSIG keys should be used to Mark> authenticate the update if configured. If TSIG keys are not Mark> configured the update SHOULD be performed over TCP not UDP. This Mark> is to permit the server to use the TCP connection as a weak Mark> authentication mechanism.
Mark> The update code should check for the presence of CNAME and DNAME
Mark> records at the well know reverse names and adjust the update requests
Mark> to update the target names of the CNAME / DNAME records. This allows
Mark> for RFC 2317 style delegations to work.
Do you expect the client to do this, or the server?
I take it that the update goes to the host listed on the SOA record for
the zone?
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] [email protected] http://www.sandelman.ca/ | ruby on rails [
pgp4Yl1IUWvfC.pgp
Description: PGP signature
_______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
