diff --git a/client_test.go b/client_test.go
index c104cb96..ff369c01 100644
--- a/client_test.go
+++ b/client_test.go
@@ -78,12 +78,12 @@ func TestClientEDNS0(t *testing.T) {
 
 func TestClientTsigAXFR(t *testing.T) {
 	m := new(Msg)
-	m.SetAxfr("miek.nl")
+	m.SetAxfr("miek.nl.")
 
-	m.SetTsig("axfr", HmacMD5, 300, uint64(time.Seconds()))
+	m.SetTsig("axfr.", HmacMD5, 300, uint64(time.Seconds()))
         TsigGenerate(m, "so6ZGir4GPAqINNh9U5c3A==", "", false)
 	secrets := make(map[string]string)
-	secrets["axfr"] = "so6ZGir4GPAqINNh9U5c3A=="
+	secrets["axfr."] = "so6ZGir4GPAqINNh9U5c3A=="
 
         println(m.String())
 	c := NewClient()
diff --git a/defaults.go b/defaults.go
index 2489181f..5102d933 100644
--- a/defaults.go
+++ b/defaults.go
@@ -3,6 +3,9 @@ package dns
 // Everything is assumed in the ClassINET class. If
 // you need other classes you are on your own.
 
+// Add SetEDNS0
+// IsEDNS0  function
+
 // Create a reply packet from a request message.
 func (dns *Msg) SetReply(request *Msg) {
 	dns.MsgHdr.Id = request.MsgHdr.Id
diff --git a/tsig.go b/tsig.go
index 690967d5..3f5a4f89 100644
--- a/tsig.go
+++ b/tsig.go
@@ -1,5 +1,32 @@
+// TSIG or transaction signature add a HMAC TSIG record to each message sent. 
+// Basic use pattern when querying with TSIG:
+//
+//      m := new(Msg)
+//      m.SetAxfr("miek.nl.")
+//      // Add a skeleton TSIG record.
+//      m.SetTsig("axfr.", HmacMD5, 300, uint64(time.Seconds()))
+//      // Generate the contents of the complete TSIG record.
+//      TsigGenerate(m, "so6ZGir4GPAqINNh9U5c3A==", "", false)
+//      // A map holds all the secrets
+//      secrets := make(map[string]string)      
+//      secrets["axfr."] = "so6ZGir4GPAqINNh9U5c3A=="        // don't forget the . here
+//
+// The message requesting an AXFR for miek.nl with the TSIG record is now ready to use. 
+// We now need a new client with access to the secrets:
+//
+//      c := NewClient()
+//      c.TsigSecret = secrets
+//      err := c.XfrReceive(m, "85.223.71.124:53")
+//
+// You can now read the records from the AXFR as the come in.
+//
+// Basic use pattern replying to a message which has TSIG set.
+// TODO(mg)
+//
 package dns
 
+// Fill in the TSIG errors. 0 = NOERROR, etc. like BIND
+
 import (
 	"io"
 	"os"
@@ -9,12 +36,6 @@ import (
 	"encoding/hex"
 )
 
-// The structure Tsig is used in Read/Write functions to
-// add or remove a TSIG on a dns message. See RFC 2845
-// and RFC 4635.
-// Basic use pattern of Tsig:
-//
-
 // HMAC hashing codes. These are transmitted as domain names.
 const (
 	HmacMD5    = "hmac-md5.sig-alg.reg.int."
diff --git a/types.go b/types.go
index 246e0c8a..ea4d2bf0 100644
--- a/types.go
+++ b/types.go
@@ -792,7 +792,7 @@ func (rr *RR_TSIG) String() string {
 		" " + strconv.Itoa(int(rr.MACSize)) +
 		" " + strings.ToUpper(rr.MAC) +
 		" " + strconv.Itoa(int(rr.OrigId)) +
-		" " + strconv.Itoa(int(rr.Error)) +
+		" " + strconv.Itoa(int(rr.Error)) +     // BIND prints NOERROR
 		" " + strconv.Itoa(int(rr.OtherLen)) +
 		" " + rr.OtherData
 }