bind9/bin/dnssec/dnssec-ksr.rst
Matthijs Mekking 77d4afba1b Introduce new DNSSEC tool dnssec-ksr
Introduce a new DNSSEC tool, dnssec-ksr, for creating signed key
response (SKR) files, given one or more key signing requests (KSRs).

For now it is just a dummy tool, but the future purpose of this utility
is to pregenerate ZSKs and signed RRsets for DNSKEY, CDNSKEY, and CDS
for a given period that a KSK is to be offline.
2024-04-19 10:41:04 +02:00


.. Copyright (C) Internet Systems Consortium, Inc. ("ISC")
..
.. SPDX-License-Identifier: MPL-2.0
..
.. This Source Code Form is subject to the terms of the Mozilla Public
.. License, v. 2.0. If a copy of the MPL was not distributed with this
.. file, you can obtain one at https://mozilla.org/MPL/2.0/.
..
.. See the COPYRIGHT file distributed with this work for additional
.. information regarding copyright ownership.

.. highlight: console

.. iscman:: dnssec-ksr
.. program:: dnssec-ksr
.. _man_dnssec-ksr:

dnssec-ksr - Create signed key response (SKR) files for offline KSK setups
--------------------------------------------------------------------------

Synopsis
~~~~~~~~

:program:`dnssec-ksr` [**-h**] [**-V**] [**-v** level]

Description
~~~~~~~~~~~

The :program:`dnssec-ksr` command creates signed key responses (SKRs) that can
be loaded by a DNS authoritative server. An SKR is an RRset of type DNSKEY,
CDNSKEY, or CDS, with signatures from a key that is typically offline during
normal operation.

Options
~~~~~~~

.. option:: -h

   This option prints a short summary of the options and arguments to
   :program:`dnssec-ksr`.

.. option:: -V

   This option prints version information.

.. option:: -v level

   This option sets the debugging level. Level 1 is intended to be usefully
   verbose for general users; higher levels are intended for developers.

Exit Status
~~~~~~~~~~~

The :program:`dnssec-ksr` command exits 0 on success, or non-zero if an error
occurred.

Examples
~~~~~~~~

To do.

See Also
~~~~~~~~

:iscman:`dnssec-keygen(8) <dnssec-keygen>`,
:iscman:`dnssec-signzone(8) <dnssec-signzone>`,
BIND 9 Administrator Reference Manual.