microsoft claims
David R. Conrad
david.conrad at nominum.com
Fri Oct 20 18:47:33 UTC 2000
Hi,
> > 1. MS claims they support for secure dynamic update based on the
> > gss-tsig algorithm and bind does not.
>Recent Bind versions do.
BIND does not currently support Microsoft's proprietary GSS-TSIG in any
version. We support the IETF standard HMAC-MD5 TSIG. Microsoft does not
support HMAC-MD5 TSIG (to my knowledge). As such, doing dynamic update
securely in a heterogeneous environment is difficult. We have been in
discussions with Microsoft on this issue for a while and have also begun
implementation of Microsoft's GSS-TSIG (after the DNSEXT working group
picked up the draft), following the various documents Microsoft has made
public, however we (and others) have discovered that what Microsoft has
documented does not actually match what Microsoft does.
> > 2. bind does not support wins and wins-r records
Right. Even Microsoft has deprecated this.
> > 3. bind does not support utf-8 character encoding.
This is false.
Rgds,
-drc
More information about the bind-users
mailing list