[dns-operations] using TSIG keys in a mixed environment

[Paul Vixie]

Randy Bush wrote:
>> If you enable a TSIG key for a zone slaving from a particular master,
>> all subsequent transfers for any zone slaving from that master will
>> attempt to use that key (because the key is defined for the host of the
>> endpoint, not the zone being mirrored)
>
> i believe this to be incorrect.  it is per-zone.

that was true in the earliest BIND9 version that supported TSIG. but
it's per-zone today.

-- 
Paul Vixie