Commit 58834602 authored by Tinderbox User's avatar Tinderbox User

regen master

parent 726cddb5
......@@ -12,7 +12,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry">
<a name="id-1"></a><div class="titlepage"></div>
<a name="man.nslookup"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p>nslookup &#8212; query Internet name servers interactively</p>
......
......@@ -49,7 +49,7 @@ and
\fBdnssec\-settime\fR\&.
.PP
DNSSEC policy can be read from a configuration file (default
/etc/dnssec\&.policy), from which the key parameters, publication and rollover schedule, and desired coverage duration for any given zone can be determined\&. This file may be used to define individual DNSSEC policies on a per\-zone basis, or to set a default policy used for all zones\&.
/etc/dnssec\-policy\&.conf), from which the key parameters, publication and rollover schedule, and desired coverage duration for any given zone can be determined\&. This file may be used to define individual DNSSEC policies on a per\-zone basis, or to set a default policy used for all zones\&.
.PP
When
\fBdnssec\-keymgr\fR
......@@ -79,7 +79,7 @@ If
\fB\-c\fR
is specified, then the DNSSEC policy is read from
\fBfile\fR\&. (If not specified, then the policy is read from
/etc/policy\&.conf; if that file doesn\*(Aqt exist, a built\-in global default policy is used\&.)
/etc/dnssec\-policy\&.conf; if that file doesn\*(Aqt exist, a built\-in global default policy is used\&.)
.RE
.PP
\-f
......@@ -157,7 +157,7 @@ option\&.
.SH "POLICY CONFIGURATION"
.PP
The
policy\&.conf
dnssec\-policy\&.conf
file can specify three kinds of policies:
.sp
.RS 4
......
......@@ -32,7 +32,7 @@
</p>
<p>
DNSSEC policy can be read from a configuration file (default
<code class="filename">/etc/dnssec.policy</code>), from which the key
<code class="filename">/etc/dnssec-policy.conf</code>), from which the key
parameters, publication and rollover schedule, and desired
coverage duration for any given zone can be determined. This
file may be used to define individual DNSSEC policies on a
......@@ -79,7 +79,7 @@
If <code class="option">-c</code> is specified, then the DNSSEC
policy is read from <code class="option">file</code>. (If not
specified, then the policy is read from
<code class="filename">/etc/policy.conf</code>; if that file
<code class="filename">/etc/dnssec-policy.conf</code>; if that file
doesn't exist, a built-in global default policy is used.)
</p></dd>
<dt><span class="term">-f</span></dt>
......@@ -146,7 +146,7 @@
<div class="refsection">
<a name="id-1.9"></a><h2>POLICY CONFIGURATION</h2>
<p>
The <code class="filename">policy.conf</code> file can specify three kinds
The <code class="filename">dnssec-policy.conf</code> file can specify three kinds
of policies:
</p>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
......
......@@ -2751,7 +2751,7 @@ badresp:1,adberr:0,findfail:0,valfail:0]
<span class="command"><strong>fstrm-set-buffer-hint</strong></span>: The
threshold number of bytes to accumulate in the output
buffer before forcing a buffer flush. The minimum is
1K, the maximum is 64K, and the default is 8K.
1024, the maximum is 65536, and the default is 8096.
</li>
<li class="listitem">
<span class="command"><strong>fstrm-set-flush-timeout</strong></span>: The number
......
......@@ -43,7 +43,6 @@
<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_security">Security Fixes</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_features">New Features</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_changes">Feature Changes</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_port">Porting Changes</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_bugs">Bug Fixes</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch09.html#end_of_life">End of Life</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_thanks">Thank You</a></span></dt>
......@@ -181,10 +180,15 @@
</li>
<li class="listitem">
<p>
New quotas have been added to limit the queries that are
sent by recursive resolvers to authoritative servers
experiencing denial-of-service attacks. When configured,
these options can both reduce the harm done to authoritative
Fetch quotas are now compiled in by default: they
no longer require BIND to be configured with
<span class="command"><strong>--enable-fetchlimit</strong></span>, as was the case
when the feature was introduced in BIND 9.10.3.
</p>
<p>
These quotas limit the queries that are sent by recursive
resolvers to authoritative servers experiencing denial-of-service
attacks. They can both reduce the harm done to authoritative
servers and also avoid the resource exhaustion that can be
experienced by recursive servers when they are being used as a
vehicle for such an attack.
......@@ -530,7 +534,7 @@
recursive lookup returns NXDOMAIN, a second lookup is
initiated with the specified name appended to the query
name. This allows NXDOMAIN redirection data to be supplied
by multiple zones configured on the server or by recursive
by multiple zones configured on the server, or by recursive
queries to other servers. (The older method, using
a single <span class="command"><strong>type redirect</strong></span> zone, has
better average performance but is less flexible.) [RT #37989]
......@@ -706,12 +710,6 @@
that was returned by the server in its initial response.
[RT #39047]
</p></li>
<li class="listitem"><p>
A alternative NXDOMAIN redirect method (nxdomain-redirect)
which allows the redirect information to be looked up from
a namespace on the Internet rather than requiring a zone
to be configured on the server is now available.
</p></li>
<li class="listitem"><p>
Retrieving the local port range from net.ipv4.ip_local_port_range
on Linux is now supported.
......@@ -735,7 +733,7 @@
</p></li>
<li class="listitem"><p>
The default preferred glue is now the address type of the
transport the query was received over.
transport the query was received over.
</p></li>
<li class="listitem"><p>
On machines with 2 or more processors (CPU), the default value
......@@ -764,17 +762,26 @@
section; <code class="option">no-auth-recursive</code>
does the same but only when answering recursive queries.
</p></li>
<li class="listitem"><p>
At server startup time, the queues for processing
notify and zone refresh queries are now processed in
LIFO rather than FIFO order, to speed up
loading of newly added zones. [RT #42825]
</p></li>
<li class="listitem"><p>
When answering queries of type MX or SRV, TLSA records for
the target name are now included in the additional section
to speed up DANE processing. [RT #42894]
</p></li>
<li class="listitem"><p>
<span class="command"><strong>named</strong></span> can now use the TCP Fast Open
mechanism on the server side, if supported by the
local operating system. [RT #42866]
</p></li>
</ul></div>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_port"></a>Porting Changes</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>
None.
</p></li></ul></div>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="relnotes_bugs"></a>Bug Fixes</h3></div></div></div>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem"><p>
......
......@@ -51,6 +51,9 @@
<span class="refentrytitle"><a href="man.delv.html">delv</a></span><span class="refpurpose"> &#8212; DNS lookup and validation utility</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.nslookup.html">nslookup</a></span><span class="refpurpose"> &#8212; query Internet name servers interactively</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-checkds.html"><span class="application">dnssec-checkds</span></a></span><span class="refpurpose"> &#8212; DNSSEC delegation consistency checking tool</span>
</dt>
<dt>
......@@ -69,6 +72,9 @@
<span class="refentrytitle"><a href="man.dnssec-keygen.html"><span class="application">dnssec-keygen</span></a></span><span class="refpurpose"> &#8212; DNSSEC key generation tool</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-keymgr.html"><span class="application">dnssec-keymgr</span></a></span><span class="refpurpose"> &#8212; Ensures correct DNSKEY coverage for a zone based on a defined policy</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-revoke.html"><span class="application">dnssec-revoke</span></a></span><span class="refpurpose"> &#8212; set the REVOKED bit on a DNSSEC key</span>
</dt>
<dt>
......
......@@ -248,7 +248,6 @@
<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_security">Security Fixes</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_features">New Features</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_changes">Feature Changes</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_port">Porting Changes</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_bugs">Bug Fixes</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch09.html#end_of_life">End of Life</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch09.html#relnotes_thanks">Thank You</a></span></dt>
......@@ -293,6 +292,9 @@
<span class="refentrytitle"><a href="man.delv.html">delv</a></span><span class="refpurpose"> &#8212; DNS lookup and validation utility</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.nslookup.html">nslookup</a></span><span class="refpurpose"> &#8212; query Internet name servers interactively</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-checkds.html"><span class="application">dnssec-checkds</span></a></span><span class="refpurpose"> &#8212; DNSSEC delegation consistency checking tool</span>
</dt>
<dt>
......@@ -311,6 +313,9 @@
<span class="refentrytitle"><a href="man.dnssec-keygen.html"><span class="application">dnssec-keygen</span></a></span><span class="refpurpose"> &#8212; DNSSEC key generation tool</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-keymgr.html"><span class="application">dnssec-keymgr</span></a></span><span class="refpurpose"> &#8212; Ensures correct DNSKEY coverage for a zone based on a defined policy</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.dnssec-revoke.html"><span class="application">dnssec-revoke</span></a></span><span class="refpurpose"> &#8212; set the REVOKED bit on a DNSSEC key</span>
</dt>
<dt>
......
......@@ -40,14 +40,14 @@
<div class="cmdsynopsis"><p><code class="command">arpaname</code> {<em class="replaceable"><code>ipaddress </code></em>...}</p></div>
</div>
<div class="refsection">
<a name="id-1.14.29.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.14.31.7"></a><h2>DESCRIPTION</h2>
<p>
<span class="command"><strong>arpaname</strong></span> translates IP addresses (IPv4 and
IPv6) to the corresponding IN-ADDR.ARPA or IP6.ARPA names.
</p>
</div>
<div class="refsection">
<a name="id-1.14.29.8"></a><h2>SEE ALSO</h2>
<a name="id-1.14.31.8"></a><h2>SEE ALSO</h2>
<p>
<em class="citetitle">BIND 9 Administrator Reference Manual</em>.
</p>
......
......@@ -41,7 +41,7 @@
<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ]</p></div>
</div>
<div class="refsection">
<a name="id-1.14.28.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.14.30.7"></a><h2>DESCRIPTION</h2>
<p>
<span class="command"><strong>tsig-keygen</strong></span> and <span class="command"><strong>ddns-confgen</strong></span>
are invocation methods for a utility that generates keys for use
......@@ -77,7 +77,7 @@
</p>
</div>
<div class="refsection">
<a name="id-1.14.28.8"></a><h2>OPTIONS</h2>
<a name="id-1.14.30.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd><p>
......@@ -149,7 +149,7 @@
</dl></div>
</div>
<div class="refsection">
<a name="id-1.14.28.9"></a><h2>SEE ALSO</h2>
<a name="id-1.14.30.9"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
<span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
<span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
......
......@@ -13,7 +13,7 @@
<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
<link rel="prev" href="man.host.html" title="host">
<link rel="next" href="man.dnssec-checkds.html" title="dnssec-checkds">
<link rel="next" href="man.nslookup.html" title="nslookup">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader">
......@@ -23,7 +23,7 @@
<td width="20%" align="left">
<a accesskey="p" href="man.host.html">Prev</a> </td>
<th width="60%" align="center">Manual pages</th>
<td width="20%" align="right"> <a accesskey="n" href="man.dnssec-checkds.html">Next</a>
<td width="20%" align="right"> <a accesskey="n" href="man.nslookup.html">Next</a>
</td>
</tr>
</table>
......@@ -490,14 +490,13 @@
<td width="40%" align="left">
<a accesskey="p" href="man.host.html">Prev</a> </td>
<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
<td width="40%" align="right"> <a accesskey="n" href="man.dnssec-checkds.html">Next</a>
<td width="40%" align="right"> <a accesskey="n" href="man.nslookup.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">host </td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top"> <span class="application">dnssec-checkds</span>
</td>
<td width="40%" align="right" valign="top"> nslookup</td>
</tr>
</table>
</div>
......
......@@ -12,7 +12,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
<link rel="prev" href="man.delv.html" title="delv">
<link rel="prev" href="man.nslookup.html" title="nslookup">
<link rel="next" href="man.dnssec-coverage.html" title="dnssec-coverage">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
......@@ -21,7 +21,7 @@
<tr><th colspan="3" align="center"><span class="application">dnssec-checkds</span></th></tr>
<tr>
<td width="20%" align="left">
<a accesskey="p" href="man.delv.html">Prev</a></td>
<a accesskey="p" href="man.nslookup.html">Prev</a></td>
<th width="60%" align="center">Manual pages</th>
<td width="20%" align="right"><a accesskey="n" href="man.dnssec-coverage.html">Next</a>
</td>
......@@ -41,7 +41,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-dsfromkey</code> [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-f <em class="replaceable"><code>file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>dig path</code></em></code>] [<code class="option">-D <em class="replaceable"><code>dsfromkey path</code></em></code>] {zone}</p></div>
</div>
<div class="refsection">
<a name="id-1.14.6.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.14.7.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>dnssec-checkds</strong></span>
verifies the correctness of Delegation Signer (DS) or DNSSEC
Lookaside Validation (DLV) resource records for keys in a specified
......@@ -49,7 +49,7 @@
</p>
</div>
<div class="refsection">
<a name="id-1.14.6.8"></a><h2>OPTIONS</h2>
<a name="id-1.14.7.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-f <em class="replaceable"><code>file</code></em></span></dt>
<dd><p>
......@@ -78,7 +78,7 @@
</dl></div>
</div>
<div class="refsection">
<a name="id-1.14.6.9"></a><h2>SEE ALSO</h2>
<a name="id-1.14.7.9"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-dsfromkey</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
......@@ -90,13 +90,13 @@
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="man.delv.html">Prev</a></td>
<a accesskey="p" href="man.nslookup.html">Prev</a></td>
<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
<td width="40%" align="right"><a accesskey="n" href="man.dnssec-coverage.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">delv</td>
<td width="40%" align="left" valign="top">nslookup</td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top"><span class="application">dnssec-coverage</span>
</td>
......
......@@ -40,7 +40,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-coverage</code> [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-l <em class="replaceable"><code>length</code></em></code>] [<code class="option">-f <em class="replaceable"><code>file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>DNSKEY TTL</code></em></code>] [<code class="option">-m <em class="replaceable"><code>max TTL</code></em></code>] [<code class="option">-r <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-c <em class="replaceable"><code>compilezone path</code></em></code>] [<code class="option">-k</code>] [<code class="option">-z</code>] [zone...]</p></div>
</div>
<div class="refsection">
<a name="id-1.14.7.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.14.8.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>dnssec-coverage</strong></span>
verifies that the DNSSEC keys for a given zone or a set of zones
have timing metadata set properly to ensure no future lapses in DNSSEC
......@@ -68,7 +68,7 @@
</p>
</div>
<div class="refsection">
<a name="id-1.14.7.8"></a><h2>OPTIONS</h2>
<a name="id-1.14.8.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
<dd><p>
......@@ -192,7 +192,7 @@
</dl></div>
</div>
<div class="refsection">
<a name="id-1.14.7.9"></a><h2>SEE ALSO</h2>
<a name="id-1.14.8.9"></a><h2>SEE ALSO</h2>
<p>
<span class="citerefentry"><span class="refentrytitle">dnssec-checkds</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-dsfromkey</span>(8)</span>,
......
......@@ -42,14 +42,14 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-dsfromkey</code> [<code class="option">-h</code>] [<code class="option">-V</code>]</p></div>
</div>
<div class="refsection">
<a name="id-1.14.8.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.14.9.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>dnssec-dsfromkey</strong></span>
outputs the Delegation Signer (DS) resource record (RR), as defined in
RFC 3658 and RFC 4509, for the given key(s).
</p>
</div>
<div class="refsection">
<a name="id-1.14.8.8"></a><h2>OPTIONS</h2>
<a name="id-1.14.9.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-1</span></dt>
<dd><p>
......@@ -140,7 +140,7 @@
</dl></div>
</div>
<div class="refsection">
<a name="id-1.14.8.9"></a><h2>EXAMPLE</h2>
<a name="id-1.14.9.9"></a><h2>EXAMPLE</h2>
<p>
To build the SHA-256 DS RR from the
<strong class="userinput"><code>Kexample.com.+003+26160</code></strong>
......@@ -155,7 +155,7 @@
</p>
</div>
<div class="refsection">
<a name="id-1.14.8.10"></a><h2>FILES</h2>
<a name="id-1.14.9.10"></a><h2>FILES</h2>
<p>
The keyfile can be designed by the key identification
<code class="filename">Knnnn.+aaa+iiiii</code> or the full file name
......@@ -169,13 +169,13 @@
</p>
</div>
<div class="refsection">
<a name="id-1.14.8.11"></a><h2>CAVEAT</h2>
<a name="id-1.14.9.11"></a><h2>CAVEAT</h2>
<p>
A keyfile error can give a "file not found" even if the file exists.
</p>
</div>
<div class="refsection">
<a name="id-1.14.8.12"></a><h2>SEE ALSO</h2>
<a name="id-1.14.9.12"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
......
......@@ -41,7 +41,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-importkey</code> {<code class="option">-f <em class="replaceable"><code>filename</code></em></code>} [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-P sync <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D sync <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-h</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-V</code>] [<code class="option">dnsname</code>]</p></div>
</div>
<div class="refsection">
<a name="id-1.14.9.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.14.10.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>dnssec-importkey</strong></span>
reads a public DNSKEY record and generates a pair of
.key/.private files. The DNSKEY record may be read from an
......@@ -61,7 +61,7 @@
</p>
</div>
<div class="refsection">
<a name="id-1.14.9.8"></a><h2>OPTIONS</h2>
<a name="id-1.14.10.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-f <em class="replaceable"><code>filename</code></em></span></dt>
<dd>
......@@ -104,7 +104,7 @@
</dl></div>
</div>
<div class="refsection">
<a name="id-1.14.9.9"></a><h2>TIMING OPTIONS</h2>
<a name="id-1.14.10.9"></a><h2>TIMING OPTIONS</h2>
<p>
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
......@@ -142,7 +142,7 @@
</dl></div>
</div>
<div class="refsection">
<a name="id-1.14.9.10"></a><h2>FILES</h2>
<a name="id-1.14.10.10"></a><h2>FILES</h2>
<p>
A keyfile can be designed by the key identification
<code class="filename">Knnnn.+aaa+iiiii</code> or the full file name
......@@ -151,7 +151,7 @@
</p>
</div>
<div class="refsection">
<a name="id-1.14.9.11"></a><h2>SEE ALSO</h2>
<a name="id-1.14.10.11"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
......
......@@ -40,7 +40,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-keyfromlabel</code> {-l <em class="replaceable"><code>label</code></em>} [<code class="option">-3</code>] [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D sync <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-G</code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-k</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-n <em class="replaceable"><code>nametype</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-P sync <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-S <em class="replaceable"><code>key</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-V</code>] [<code class="option">-y</code>] {name}</p></div>
</div>
<div class="refsection">
<a name="id-1.14.10.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.14.11.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>dnssec-keyfromlabel</strong></span>
generates a key pair of files that referencing a key object stored
in a cryptographic hardware service module (HSM). The private key
......@@ -56,7 +56,7 @@
</p>
</div>
<div class="refsection">
<a name="id-1.14.10.8"></a><h2>OPTIONS</h2>
<a name="id-1.14.11.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd>
......@@ -233,7 +233,7 @@
</dl></div>
</div>
<div class="refsection">
<a name="id-1.14.10.9"></a><h2>TIMING OPTIONS</h2>
<a name="id-1.14.11.9"></a><h2>TIMING OPTIONS</h2>
<p>
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
......@@ -315,7 +315,7 @@
</dl></div>
</div>
<div class="refsection">
<a name="id-1.14.10.10"></a><h2>GENERATED KEY FILES</h2>
<a name="id-1.14.11.10"></a><h2>GENERATED KEY FILES</h2>
<p>
When <span class="command"><strong>dnssec-keyfromlabel</strong></span> completes
successfully,
......@@ -354,7 +354,7 @@
</p>
</div>
<div class="refsection">
<a name="id-1.14.10.11"></a><h2>SEE ALSO</h2>
<a name="id-1.14.11.11"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
......
......@@ -13,7 +13,7 @@
<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
<link rel="prev" href="man.dnssec-keyfromlabel.html" title="dnssec-keyfromlabel">
<link rel="next" href="man.dnssec-revoke.html" title="dnssec-revoke">
<link rel="next" href="man.dnssec-keymgr.html" title="dnssec-keymgr">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader">
......@@ -23,7 +23,7 @@
<td width="20%" align="left">
<a accesskey="p" href="man.dnssec-keyfromlabel.html">Prev</a></td>
<th width="60%" align="center">Manual pages</th>
<td width="20%" align="right"><a accesskey="n" href="man.dnssec-revoke.html">Next</a>
<td width="20%" align="right"><a accesskey="n" href="man.dnssec-keymgr.html">Next</a>
</td>
</tr>
</table>
......@@ -40,7 +40,7 @@
<div class="cmdsynopsis"><p><code class="command">dnssec-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-b <em class="replaceable"><code>keysize</code></em></code>] [<code class="option">-n <em class="replaceable"><code>nametype</code></em></code>] [<code class="option">-3</code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-C</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D sync <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f <em class="replaceable"><code>flag</code></em></code>] [<code class="option">-G</code>] [<code class="option">-g <em class="replaceable"><code>generator</code></em></code>] [<code class="option">-h</code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-i <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-k</code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-P sync <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-p <em class="replaceable"><code>protocol</code></em></code>] [<code class="option">-q</code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomdev</code></em></code>] [<code class="option">-S <em class="replaceable"><code>key</code></em></code>] [<code class="option">-s <em class="replaceable"><code>strength</code></em></code>] [<code class="option">-t <em class="replaceable"><code>type</code></em></code>] [<code class="option">-V</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-z</code>] {name}</p></div>
</div>
<div class="refsection">
<a name="id-1.14.11.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.14.12.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>dnssec-keygen</strong></span>
generates keys for DNSSEC (Secure DNS), as defined in RFC 2535
and RFC 4034. It can also generate keys for use with
......@@ -54,7 +54,7 @@
</p>
</div>
<div class="refsection">
<a name="id-1.14.11.8"></a><h2>OPTIONS</h2>
<a name="id-1.14.12.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd>
......@@ -277,7 +277,7 @@
</dl></div>
</div>
<div class="refsection">
<a name="id-1.14.11.9"></a><h2>TIMING OPTIONS</h2>
<a name="id-1.14.12.9"></a><h2>TIMING OPTIONS</h2>
<p>
Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
If the argument begins with a '+' or '-', it is interpreted as
......@@ -361,7 +361,7 @@
</dl></div>
</div>
<div class="refsection">
<a name="id-1.14.11.10"></a><h2>GENERATED KEYS</h2>
<a name="id-1.14.12.10"></a><h2>GENERATED KEYS</h2>
<p>
When <span class="command"><strong>dnssec-keygen</strong></span> completes
successfully,
......@@ -407,7 +407,7 @@
</p>
</div>
<div class="refsection">
<a name="id-1.14.11.11"></a><h2>EXAMPLE</h2>
<a name="id-1.14.12.11"></a><h2>EXAMPLE</h2>
<p>
To generate a 768-bit DSA key for the domain
<strong class="userinput"><code>example.com</code></strong>, the following command would be
......@@ -428,7 +428,7 @@
</p>
</div>
<div class="refsection">
<a name="id-1.14.11.12"></a><h2>SEE ALSO</h2>
<a name="id-1.14.12.12"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
<em class="citetitle">RFC 2539</em>,
......@@ -444,14 +444,14 @@
<td width="40%" align="left">
<a accesskey="p" href="man.dnssec-keyfromlabel.html">Prev</a></td>
<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
<td width="40%" align="right"><a accesskey="n" href="man.dnssec-revoke.html">Next</a>
<td width="40%" align="right"><a accesskey="n" href="man.dnssec-keymgr.html">Next</a>
</td>