Hello,

Could some explain a bit more what the risks are, that this warning is
referring  to:

http://doc.powerdns.com/tsig-outbound-notify-axfr.html

Warning
PowerDNS for now only verifies the TSIG signature on the first AXFR
'message', which helps for access control, but does not provide 100.0%
protection of subsequent AXFR zone content messages.

Is this saying that one would not be protected from content
modification/injection with this feature enabled?

If so, what would be my options to secure slave/master communication,
with pdns acting as slave?

Thanks a lot,
Mohamed.
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
http://mailman.powerdns.com/mailman/listinfo/pdns-users

Reply via email to