A string used to generate the message authentication hash stored in a TSIG RR and used to authenticate an entire DNS message. This is not the same as signing a message, which involves a cryptographic operation.

Source: NIST SP 800-81-2 | Category: