GSS-TSIG update policy identity field

Jan-Piet Mens jpmens.dns at
Wed May 11 10:50:53 UTC 2011


> I use GSS-TSIG and the handbook says that in gss-tsig the content of the
> identity field ist the common secret which is the kerberos principal.

I believe you'll have to set `tkey-gssapi-credential' and `tkey-domain` for
this to work the way you want, though I do confess to not have a running
version yet. Check the Bv9ARM, where it says: "normally this principle
is of the form "DNS/server.domain". Hope that helps until somebody more
knowledgeable comes along. :-)


More information about the bind-users mailing list