http://www.rfc-editor.org/rfc/rfc2845.txt
RFC 2845: Secret Key Transaction Authentication for DNS (TSIG), P. Vixie, O. Gudmundsson, D. Eastlake 3rd, B. Wellington2000-05-01T23:00:00-00:00This protocol allows for transaction level authentication using shared secrets and one way hashing. It can be used to authenticate dynamic updates as coming from an approved client, or to authenticate responses as coming from an approved recursive name server. [STANDARDS-TRACK]