Add the ability to specify TLS configuration at the zone level for catalog zones
Currently the only way to specify which TLS configuration to use with catalog member zones is to inherit it from the default-primaries settings.
One possible mechanism would be to support multiple fields in the TXT record that currently specifies the TSIG key with "" indicating that field is empty.
e.g.
- TXT keyname TLS-configuration
- TXT keyname
- TXT "" TLS-configuration
- TXT "" ""
- TXT keyname ""
Deploying such a change would require the servers involved to be upgraded prior to the use of the new record format.