Hello,
Thank you for your fantastic job with RPZ, we will soon disclose an interesting implementation of your work in an Open Source firewall.
I was wondering if using TSIG or equivalent secure zone transfer was somewhere on your roadmap?
We have these large scale RPZ zones of ours and would like to avoid having the whole earth downloading them randomly.
So we have seen that there is the possibility to do HTTPS zone transfer, but we will lose the advantages of IXFR (which for zones with millions of record is a huge advantage).
Thanks for taking time to read this and comment if possible.
Sincerely yours.
(attachments)
