|
|
key Statement
key key_id {
algorithm algorithm_id;
secret secret_string;
};
The key statement defines a key ID which can be used
in a server statement to
associate an authentication method with a particular name server.
A key ID must be created with the key
statement before it can be used in a server
definition or an address match list.
The algorithm_id is a string that specifies a security/authentication algorithm. The only supported algorithm is "hmac-md5".
secret_string is the secret to be used by the algorithm, and is treated as a base-64 encoded string. This may be generated using dnskeygen or another utility or created manually.
The key statement is intended for use in transaction
security. Unless included in a server
statement, it is not used to sign any requests. It is used to verify
requests matching the key_id and algorithm_id,
and sign replies to those requests.
[ BIND Config. File | BIND Home | ISC ]