feature consultation -- per-zone initiator-side tsig keys

Paul Vixie vixie at isc.org
Tue Dec 16 15:08:18 UTC 2008


> > to use key K1 when talking to server S about zone Z1, yet use key K2
> > when talking to the same server S about zone Z2.
> 
> why would one miss this?

we do secondary service for a lot of people, some of whom share primary
servers, and we really do have a need to use K1 when talking to server S
about Z1 but use K2 when talking to server S about Z2, because there are
two keys on that server, and the zones have differing ACL's, each referring
to a distinct key.



More information about the bind-workers mailing list