TSIG/IP Transactions
rwatson at OFDA.NET
rwatson at OFDA.NET
Fri May 31 14:28:26 UTC 2002
Hello,
We host our own primary DNS, one slave and we also have our ISP's each set
up as slaves as well.
For redundancy and diversity we use 1 slave from each ISP, plus our slave.
I would like to use TSIG, however, only 1 of the ISP's supports TSIG
transaction, leaving 2 slave servers that don't.
My question is, if I use the non-TSIG slaves and also begin using TSIG
enabled master/slave servers, will I be potentially compromising, leaking
keys or otherwise weakening the security of the zone? (In any way shape or
form?)(Because I am cohabitating TSIG with non TSIG zone transfers???)
Thanks
More information about the bind-users
mailing list