Cross Reference: /freebsd-9.3-release/contrib/bind9/bin/dnssec/dnssec-keyfromlabel.8

Deleted Added

sdiff udiff text old ( 193149 ) new ( 204619 )

full compact

dnssec-keyfromlabel.8 (193149)	dnssec-keyfromlabel.8 (204619)
1.\" Copyright (C) 2008 Internet Systems Consortium, Inc. ("ISC")	1.\" Copyright (C) 2008, 2010 Internet Systems Consortium, Inc. ("ISC")
2.\"	2.\"
3.\" Permission to use, copy, modify, and distribute this software for any	3.\" Permission to use, copy, modify, and/or distribute this software for any
4.\" purpose with or without fee is hereby granted, provided that the above 5.\" copyright notice and this permission notice appear in all copies. 6.\" 7.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 8.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 9.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 10.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 11.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 12.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 13.\" PERFORMANCE OF THIS SOFTWARE. 14.\"	4.\" purpose with or without fee is hereby granted, provided that the above 5.\" copyright notice and this permission notice appear in all copies. 6.\" 7.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 8.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 9.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 10.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 11.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 12.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 13.\" PERFORMANCE OF THIS SOFTWARE. 14.\"
15.\" $Id: dnssec-keyfromlabel.8,v 1.6 2008/11/08 01:11:47 tbox Exp $	15.\" $Id: dnssec-keyfromlabel.8,v 1.6.14.3 2010/01/16 01:55:32 tbox Exp $
16.\" 17.hy 0 18.ad l 19.\" Title: dnssec\-keyfromlabel 20.\" Author: 21.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> 22.\" Date: February 8, 2008 23.\" Manual: BIND9 --- 14 unchanged lines hidden (view full) --- 38\fBdnssec\-keyfromlabel\fR 39gets keys with the given label from a crypto hardware and builds key files for DNSSEC (Secure DNS), as defined in RFC 2535 and RFC 4034. 40.SH "OPTIONS" 41.PP 42\-a \fIalgorithm\fR 43.RS 4 44Selects the cryptographic algorithm. The value of 45\fBalgorithm\fR	16.\" 17.hy 0 18.ad l 19.\" Title: dnssec\-keyfromlabel 20.\" Author: 21.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/> 22.\" Date: February 8, 2008 23.\" Manual: BIND9 --- 14 unchanged lines hidden (view full) --- 38\fBdnssec\-keyfromlabel\fR 39gets keys with the given label from a crypto hardware and builds key files for DNSSEC (Secure DNS), as defined in RFC 2535 and RFC 4034. 40.SH "OPTIONS" 41.PP 42\-a \fIalgorithm\fR 43.RS 4 44Selects the cryptographic algorithm. The value of 45\fBalgorithm\fR
46must be one of RSAMD5 (RSA) or RSASHA1, DSA, NSEC3RSASHA1, NSEC3DSA or DH (Diffie Hellman). These values are case insensitive.	46must be one of RSAMD5, RSASHA1, DSA, NSEC3RSASHA1, NSEC3DSA, RSASHA256, RSASHA512 or DH (Diffie Hellman). These values are case insensitive.
47.sp	47.sp
	48If no algorithm is specified, then RSASHA1 will be used by default, unless the 49\fB\-3\fR 50option is specified, in which case NSEC3RSASHA1 will be used instead. (If 51\fB\-3\fR 52is used and an algorithm is specified, that algorithm will be checked for compatibility with NSEC3.) 53.sp
48Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement algorithm, and DSA is recommended. 49.sp 50Note 2: DH automatically sets the \-k flag. 51.RE 52.PP 53\-l \fIlabel\fR 54.RS 4 55Specifies the label of keys in the crypto hardware (PKCS#11 device). --- 77 unchanged lines hidden (view full) --- 133The 134\fI.private\fR 135file contains algorithm specific fields. For obvious security reasons, this file does not have general read permission. 136.SH "SEE ALSO" 137.PP 138\fBdnssec\-keygen\fR(8), 139\fBdnssec\-signzone\fR(8), 140BIND 9 Administrator Reference Manual,	54Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement algorithm, and DSA is recommended. 55.sp 56Note 2: DH automatically sets the \-k flag. 57.RE 58.PP 59\-l \fIlabel\fR 60.RS 4 61Specifies the label of keys in the crypto hardware (PKCS#11 device). --- 77 unchanged lines hidden (view full) --- 139The 140\fI.private\fR 141file contains algorithm specific fields. For obvious security reasons, this file does not have general read permission. 142.SH "SEE ALSO" 143.PP 144\fBdnssec\-keygen\fR(8), 145\fBdnssec\-signzone\fR(8), 146BIND 9 Administrator Reference Manual,
141RFC 2539, 142RFC 2845, 143RFC 4033.	147RFC 4034.
144.SH "AUTHOR" 145.PP 146Internet Systems Consortium 147.SH "COPYRIGHT"	148.SH "AUTHOR" 149.PP 150Internet Systems Consortium 151.SH "COPYRIGHT"
148Copyright \(co 2008 Internet Systems Consortium, Inc. ("ISC")	152Copyright \(co 2008, 2010 Internet Systems Consortium, Inc. ("ISC")
149.br	153.br