Commit ef978c92 authored by Mark Andrews's avatar Mark Andrews

Merge branch 'u/fanf2/man-dnssec-keygen-again' into 'master'

A bit more cleanup in the dnssec-keygen manual

See merge request !1678
parents 48a7efaf acc3fa04
Pipeline #11895 passed with stages
in 1 minute
5186. [cleanup] More dnssec-keygen manual tidying. [GL !1678]
5185. [placeholder]
5184. [bug] Missing unlocks in sdlz.c. [GL #936]
......
......@@ -571,10 +571,12 @@
key.
</para>
<para>
The <filename>.key</filename> file contains a DNS KEY record
that
can be inserted into a zone file (directly or with a $INCLUDE
statement).
The <filename>.key</filename> file contains a DNSKEY or KEY record.
When a zone is being signed by <command>named</command>
or <command>dnssec-signzone</command> <option>-S</option>, DNSKEY
records are included automatically. In other cases,
the <filename>.key</filename> file can be inserted into a zone file
manually or with a <userinput>$INCLUDE</userinput> statement.
</para>
<para>
The <filename>.private</filename> file contains
......@@ -582,11 +584,6 @@
fields. For obvious security reasons, this file does not have
general read permission.
</para>
<para>
Both <filename>.key</filename> and <filename>.private</filename>
files are generated for symmetric cryptography algorithms such as
HMAC-MD5, even though the public and private key are equivalent.
</para>
</refsection>
<refsection><info><title>EXAMPLE</title></info>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment