Recursive server forwarding dynamic updates
Phil Mayers
p.mayers at imperial.ac.uk
Wed Oct 2 11:02:26 UTC 2013
On 02/10/13 11:31, Mark Andrews wrote:
> Also TSIG signatures are preserved when UPDATE requests are forwarded.
> TSIG was designed to allow signed messages to be forwarded. The
> ID field is not covered by the the TSIG to allow the message to be
> forwarded. The slave does NOT have to know the shared TSIG secret
Interesting, I did not know that.
Presumably this is only true for "stateless" TSIG mechanisms, and not
those involving TKEY e.g. GSSAPI?
More information about the bind-users
mailing list