key Statement
key key_id {
algorithm algorithm_id;
secret secret_string;
};
The key statement defines a key ID which can be used
in a server statement to
associate an authentication method with a particular name server.
You must create a key ID with the key statement
before you can use the key in a server definition or an
address match list.
The algorithm_id is a string that specifies a security/authentication algorithm. The only supported algorithm is "hmac-md5".
The secret_string string is the secret to be used by
the algorithm, and is treated as a base-64 encoded string. This may
be generated using dnskeygen or another utility, or
created manually.
The key statement is intended for use in transaction
security. Unless included in a server
statement, it is not used to sign any requests. It is used to verify
requests matching the key_id and algorithm_id,
and sign replies to those requests.