Do I need TSIG for zone transfer on an intranet env?
Joseph S D Yao
jsdy at center.osis.gov
Fri Jun 30 20:26:55 UTC 2006
On Wed, Jun 28, 2006 at 06:15:31PM -0700, April wrote:
>
> that's true .. however how many people in Securiy really know DNS? ;-)
>
> What I should ask probably is in general, should ACL or TSIG be
> implemented in an intranet env?
I do. It helps me check off a box that someone comes to ask me about
every once in a while, and it is virtually no trouble at all.
The trouble comes when you need to schedule regular key updates, and
figuring out how to do that if you don't have remote 'ssh' access
yourself.
--
Joe Yao
-----------------------------------------------------------------------
This message is not an official statement of OSIS Center policies.
More information about the bind-users
mailing list