valdis.kletni...@vt.edu wrote:

>> It is a lot simpler and a lot more practical just to
>> use shared secret between a CPE and a ISP's name server
>> for TSIG generation.
> 
> Hmm.. Shared secret between a CPE you don't necessarily control
> and your own DNS server?

Of course. That is the very basic requirement for any security
between two parties.

                                                Masataka Ohta


Reply via email to