SIG(0) works fine for DDNS once you have a KEY record installed in the DNS.
KEY can be installed on an "add if name does not exist" basis for the forward zone, and "add if TCP self (owner name is the matching in-addr.arpa/ip6.arpa name of the TCP source address) is true" for the reverse zones. This requires policy enforcement in the server but is doable. Nameservers already have policy rules (e.g. tcp-self has existed for years in named). Adding more is not a hard thing to do.

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [email protected]
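The two KEY-installation rules described in the message above, sketched as an added example; this is not part of the original message and not named's implementation. The function names, the zone_kind values and the sample names and addresses are assumptions made for illustration.

```python
import ipaddress


def normalise(name: str) -> str:
    """Lower-case a DNS name and make it fully qualified (trailing dot)."""
    name = name.lower()
    return name if name.endswith(".") else name + "."


def reverse_name(src_addr: str) -> str:
    """in-addr.arpa / ip6.arpa owner name that maps to the source address."""
    return ipaddress.ip_address(src_addr).reverse_pointer.lower() + "."


def tcp_self(owner: str, src_addr: str, over_tcp: bool) -> bool:
    """True when the update arrived over TCP and the owner name is the
    reverse name of the TCP source address. A UDP source address can be
    spoofed, so a UDP update never satisfies the rule."""
    return over_tcp and normalise(owner) == reverse_name(src_addr)


def may_install_key(owner, zone_kind, existing_names,
                    src_addr=None, over_tcp=False) -> bool:
    """Decide whether an unsigned initial KEY add is accepted.

    forward zone: only if no record set exists yet at the owner name
    reverse zone: only if the tcp-self condition holds
    """
    owner = normalise(owner)
    if zone_kind == "forward":
        return owner not in {normalise(n) for n in existing_names}
    if zone_kind == "reverse":
        return src_addr is not None and tcp_self(owner, src_addr, over_tcp)
    raise ValueError("zone_kind must be 'forward' or 'reverse'")


if __name__ == "__main__":
    # Constructed sample data (documentation prefixes, made-up host names).
    forward_names = {"router.home.example."}
    print(may_install_key("laptop.home.example", "forward", forward_names))
    print(may_install_key("router.home.example", "forward", forward_names))
    print(may_install_key("10.2.0.192.in-addr.arpa", "reverse", set(),
                          src_addr="192.0.2.10", over_tcp=True))
    print(may_install_key("10.2.0.192.in-addr.arpa", "reverse", set(),
                          src_addr="192.0.2.10", over_tcp=False))
```

Once the KEY is in place, later updates for that name are authorised by their SIG(0) signature; these checks only gate the first, unsigned add.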
