Ram Akuka wrote: > but encrypting the file system won't do the work here. > i agree that storing the key and the encrypted data on the same > machine is useless in security terms. that why i'm looking for a build > in solution . > is there's any way the slave server can save the zone in format > diffent then clear text ?
TSIG does not "encrypt" the on-the-wire AXFR/IXFR data, and all of your queries are being done "in the clear", so I think that you may be over-engineering this part of the operation. You may want to worry more about securing the box so that the attacker can't get on in the first place. AlanC
signature.asc
Description: OpenPGP digital signature
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
