On Fri, Jul 31, 2009 at 03:32:48PM +1000, Mark Andrews wrote: > In message <20090730174054.h23...@gwyn.tux.org>, Joseph S D Yao writes: ... > > Plus, I'm curious to know what 'dig -k' really wants to see. > > A keyfile as generated by "dnssec-keygen -a HMAC-*". ...
Of which there are two - a .key file and a .private file. But I never thought of using the .private file format! Next week ... > HMAC-MD5, HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384 or HMAC-SHA512. Now, I must not have been paying attention - all my written down [or electronically inscribed] information says that the HMAC-MD5 algorithm must be used for TSIG. When did this get opened up? Thanks! -- /*********************************************************************\ ** ** Joe Yao j...@tux.org - Joseph S. D. Yao ** \*********************************************************************/ _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
