Authentication, stored in a Dns_trie with privileges to operations embedded in the name.
A key is a pair of a
`raw Domain_name.t and a
Dnskey.t. In the name, operation privileges and potentially IP addresses are encoded, e.g.
foo._transfer.example.com may do AXFR on
example.com and any subdomain, e.g.
The type of operations, sorted by highest ot lowest privileges, an
`Update may as well carry out a
val operation_to_string : operation -> string
operation_to_string op is the string representation of
val all_ops : operation list
all_ops is a list of all operations.
access_granted ~required key_operation is
key_operation is authorised for
val zone_and_operation : 'a Domain_name.t -> ([ `host ] Domain_name.t * operation) option
zone_and_operation key is
Some (zone, op), the
zone of the
key, and its operation
op. If the
key is not in the expected format,
None is returned.
val access : ?key:'a Domain_name.t -> zone:'b Domain_name.t -> operation -> bool
access op ~key ~zone checks whether
key is authorised for