DNS can be a subdomain

[Mark Andrews]

And if you are not using AD you can use SIG(0) and KEY records
to allow hosts to authenticate updates to the DNS for their own
records.

Instead of registering a host with AD you add a KEY record into
the DNS which has the public key of the host which is to be used
to sign the UPDATE requests.  Unfortunately OS developers have
been asleep at the wheel by not adding support for this to their
products.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org