Integrity through DNSSEC
Current trust model is based on IP.
Do Slaves have the right data from the right source? How to make sure:
Shared Secrets as implemented in TSIG: the Transaction SIGnatures
All transactions between server pairs are authenticated with the TSIG