CC: undisclosed-recipients: ;
MIME-Version: 1.0
In-Reply-To: <rt-3.8.6-2430-1416885334-1937.37903-4-0@isc.org>
Content-Disposition: inline
References: <RT-Ticket-37903@isc.org> <20141125025212.GA459@isc.org> <rt-3.8.6-2430-1416883934-1401.37903-3-0@isc.org> <20141125031528.03715243E555@rock.dv.isc.org> <rt-3.8.6-2430-1416885334-1937.37903-4-0@isc.org>
Message-ID: <20141125040637.GA8009@isc.org>
Content-Type: text/plain; charset="utf-8"
X-RT-Original-Encoding: utf-8
Received: from bikeshed.isc.org (bikeshed.isc.org [149.20.48.19]) by bugs.isc.org (Postfix) with ESMTP id 764F52D20571 for <bind-suggest@bugs.isc.org>; Tue, 25 Nov 2014 04:06:38 +0000 (UTC)
Received: by bikeshed.isc.org (Postfix, from userid 10292) id 50B4D216C3D; Tue, 25 Nov 2014 04:06:38 +0000 (UTC)
Delivered-To: bind-suggest@bugs.isc.org
User-Agent: Mutt/1.4.2.3i
Subject: Re: [ISC-Bugs #37903] load TSIG keys at runtime
Return-Path: <each@isc.org>
X-Original-To: bind-suggest@bugs.isc.org
Date: Tue, 25 Nov 2014 04:06:38 +0000
To: Mark Andrews via RT <bind-suggest@isc.org>
From: Evan Hunt <each@isc.org>
RT-Message-ID: <rt-3.8.6-2416-1416888398-1518.37903-0-0@isc.org>
Content-Length: 406

> External tools could add / remove w/o going through rndc.

Probably still useful to have an rndc command to alert named to the
existence of new or updated keys; otherwise we need a database
lookup every time we process an ACL with a key in it. Other than
that I like this design.

> We have a text based file format for TKEY/GSSAPI which should be
> modified to use this.

Is this documented anywhere?