@misc{rfc8945,
    series =    {Request for Comments},
    number =    8945,
    howpublished =  {RFC 8945},
    publisher = {RFC Editor},
    doi =       {10.17487/RFC8945},
    url =       {https://www.rfc-editor.org/info/rfc8945},
    author =    {Francis Dupont and Stephen Morris and Paul A. Vixie and Donald E. Eastlake 3rd and Ólafur Guðmundsson and Brian Wellington},
    title =     {{Secret Key Transaction Authentication for DNS (TSIG)}},
    pagetotal = 22,
    year =      2020,
    month =     nov,
    abstract =  {This document describes a protocol for transaction-level authentication using shared secrets and one-way hashing. It can be used to authenticate dynamic updates to a DNS zone as coming from an approved client or to authenticate responses as coming from an approved name server. No recommendation is made here for distributing the shared secrets; it is expected that a network administrator will statically configure name servers and clients using some out-of-band mechanism. This document obsoletes RFCs 2845 and 4635.},
}