Menu
Home Explore People Places Arts History Plants & Animals Science Life & Culture Technology
On this page
Generic Security Service Algorithm for Secret Key Transaction

GSS-TSIG (Generic Security Service Algorithm for Secret Key Transaction) is an extension to the TSIG DNS authentication protocol for secure key exchange. It is a GSS-API algorithm which uses Kerberos for passing security tokens to provide authentication, integrity and confidentiality.

GSS-TSIG (RFC 3645) uses a mechanism like SPNEGO with Kerberos or NTLM. In Windows, this implementation is called Secure Dynamic Update.

GSS-TSIG uses TKEY records for key exchange between the DNS client and server in GSS-TSIG mode. For authentication between the DNS client and Active Directory, the AS-REQ, AS-REP, TGS-REQ, TGS-REP exchanges must take place for granting of ticket and establishing a security context. The security context has a limited lifetime during which dynamic updates to the DNS server can take place.

We don't have any images related to Generic Security Service Algorithm for Secret Key Transaction yet.
We don't have any YouTube videos related to Generic Security Service Algorithm for Secret Key Transaction yet.
We don't have any PDF documents related to Generic Security Service Algorithm for Secret Key Transaction yet.
We don't have any Books related to Generic Security Service Algorithm for Secret Key Transaction yet.
We don't have any archived web articles related to Generic Security Service Algorithm for Secret Key Transaction yet.

References

  1. Secure Dynamic Update: Windows 2000 DNS - MSDN https://technet.microsoft.com/en-us/library/cc961412.aspx