DNS_TSIG_Key (object)

Configures a TSIG key

Properties (* = required):

name type(s) default allowed values description
algorithm string “hmacmd5” “hmacmd5”, “hmacsha1”, “hmacsha256” Specifies the algorithm the system uses to authenticate AXFR zone transfer requests as coming from an approved DNS nameserver, or to authenticate AXFR zone transfers as coming from an approved back-end DNS authoritative server. The algorithm involves a cryptographic hash function in combination with a secret, which is specified in the Secret field. The default is HMAC MD5 (the Hash-based Message Authentication Code MD5).
class* string   “DNS_TSIG_Key”  
label string   “^[^x00-x1fx22#&*<>?x5b-x5d`x7f]*$” Optional friendly name for this object. Allows 0-64 chars, excluding a few likely to cause trouble with string searching, JS, TCL, or HTML
remark string   “^[^x00-x1fx22x5cx7f]*$” Arbitrary (brief) text pertaining to this object. Allows 0-64 chars, excluding only control characters, double-quote, and backslash. This is permissive enough that you should worry about XSS attacks
secret* object     Specifies the secret used with the algorithm in the verification process. The secret must be generated by a third-party tool such as BIND’s keygen utility; the BIG-IP system does not generate the TSIG key secret.,A value: (a) in a cryptogram in this object; (b) in a cryptogram elsewhere in this declaration; or (c) available from a URL

DNS_TSIG_Key.secret (object)

Specifies the secret used with the algorithm in the verification process. The secret must be generated by a third-party tool such as BIND’s keygen utility; the BIG-IP system does not generate the TSIG key secret. A value: (a) in a cryptogram in this object; (b) in a cryptogram elsewhere in this declaration; or (c) available from a URL

Properties (* = required):

name type(s) default allowed values description
/*/        
allowReuse boolean   true, false If true, other declaration objects may reuse this value
reuseFrom string     AS3 pointer to another JWE cryptogram in this declaration to copy
url       URL from which secret should be fetched,Describes the URL to remote resource and optional parameters