1 Nov
2013
1 Nov
'13
6:12 p.m.
Valdis.Kletnieks@vt.edu wrote:
It is a lot simpler and a lot more practical just to use shared secret between a CPE and a ISP's name server for TSIG generation.
Hmm.. Shared secret between a CPE you don't necessarily control and your own DNS server?
Of course. That is the very basic requirement for any security between two parties. Masataka Ohta