key
Statementkey key_id { algorithm algorithm_id; secret secret_string; };
The key
statement defines a key ID which can be used
in a server
statement to
associate an authentication method with a particular name server.
A key ID must be created with the key
statement before it can be used in a server
definition or an address match list.
The algorithm_id is a string that specifies a security/authentication algorithm. The only supported algorithm is "hmac-md5".
secret_string is the secret to be used by the algorithm, and is treated as a base-64 encoded string. This may be generated using dnskeygen or another utility or created manually.
The key
statement is intended for use in transaction
security. Unless included in a server
statement, it is not used to sign any requests. It is used to verify
requests matching the key_id and algorithm_id,
and sign replies to those requests.
[ BIND Config. File | BIND Home | ISC ]