[bind10-dev] Tsig class
Evan Hunt
each at isc.org
Fri Feb 26 22:04:50 UTC 2010
> My plan was to create a new Tsig(Name, algorithm, key-data) and then use
> it to sign messages, something like:
First comment: What is "a tsig"? Is it the key or the signature? It
looks to me like what you've got there is a key, so I'd suggest calling it
TsigKey.
> One, the signature is actually added into the message. This means
> signMessage() may add stuff that MUST go to the end, so Message needs to
> become smarter about Tsig. I'm wondering if I have this backwards, and
> this logic should instead go in Message, so it would call Tsig.sign()
> and Tsig.verify().
That sounds logical to me.
message->sign(TsigKey(alg, keydata));
> Lastly, Tsig is also the RRType name. Will this lead to confusion if we
> have both of these?
> isc::dns::Tsig
> isc::dns::rdata::TSIG
Also addressed by changing to TsigKey.
eh
More information about the bind10-dev
mailing list