dnssec-dsfromkey.docbook revision 37dee1ff94960a61243f611c0f87f8c316815c53
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont [<!ENTITY mdash "&#8212;">]>
2a31bd531072824ef252c18303859d6af7451b00Francis Dupont<!--
4a253e12fc611763cd7c1b793e78a00d47894399Francis Dupont - Copyright (C) 2008, 2009 Internet Systems Consortium, Inc. ("ISC")
4a253e12fc611763cd7c1b793e78a00d47894399Francis Dupont -
4a253e12fc611763cd7c1b793e78a00d47894399Francis Dupont - Permission to use, copy, modify, and/or distribute this software for any
cffe96e26744abcf33494837b234219046a631d8Mark Andrews - purpose with or without fee is hereby granted, provided that the above
cffe96e26744abcf33494837b234219046a631d8Mark Andrews - copyright notice and this permission notice appear in all copies.
cffe96e26744abcf33494837b234219046a631d8Mark Andrews -
f703353673abc17ef76c89561a1fbf3555d38927Mark Andrews - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
f703353673abc17ef76c89561a1fbf3555d38927Mark Andrews - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
f703353673abc17ef76c89561a1fbf3555d38927Mark Andrews - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
f703353673abc17ef76c89561a1fbf3555d38927Mark Andrews - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
7e26a2a646877bcd5e03fce6d7347e88f059011eMark Andrews - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
7e26a2a646877bcd5e03fce6d7347e88f059011eMark Andrews - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
7e26a2a646877bcd5e03fce6d7347e88f059011eMark Andrews - PERFORMANCE OF THIS SOFTWARE.
a95a9de45ca739dab17ec1263186dbaaaba50d97Tatuya JINMEI 神明達哉-->
a95a9de45ca739dab17ec1263186dbaaaba50d97Tatuya JINMEI 神明達哉
a95a9de45ca739dab17ec1263186dbaaaba50d97Tatuya JINMEI 神明達哉<!-- $Id: dnssec-dsfromkey.docbook,v 1.11 2010/12/23 04:07:59 marka Exp $ -->
ea8564f68adbacd904e55e47668fe1bbf65ddd1dMark Andrews<refentry id="man.dnssec-dsfromkey">
ea8564f68adbacd904e55e47668fe1bbf65ddd1dMark Andrews <refentryinfo>
55f580c7fc4b99316a54ef54ed79c58efca5fff1Mark Andrews <date>August 26, 2009</date>
55f580c7fc4b99316a54ef54ed79c58efca5fff1Mark Andrews </refentryinfo>
55f580c7fc4b99316a54ef54ed79c58efca5fff1Mark Andrews
d9936b218d9d0fd7c6a1a418e5b91b356190ea12Mark Andrews <refmeta>
d9936b218d9d0fd7c6a1a418e5b91b356190ea12Mark Andrews <refentrytitle><application>dnssec-dsfromkey</application></refentrytitle>
4074b8e7342618ff38ffe3773a2699ee1734f1adMark Andrews <manvolnum>8</manvolnum>
4074b8e7342618ff38ffe3773a2699ee1734f1adMark Andrews <refmiscinfo>BIND9</refmiscinfo>
0283e511317cae3785a9d48e236289a234a25368Mark Andrews </refmeta>
664e11f0b14c78cef7cf6b8c70323a1da494e351Mark Andrews
664e11f0b14c78cef7cf6b8c70323a1da494e351Mark Andrews <refnamediv>
0283e511317cae3785a9d48e236289a234a25368Mark Andrews <refname><application>dnssec-dsfromkey</application></refname>
016c4317500eb565b82b27d00ba6b621c6e29110Mark Andrews <refpurpose>DNSSEC DS RR generation tool</refpurpose>
ce9c1558a6c81b49a5cedf55d168f889aeb5d310Mark Andrews </refnamediv>
ce9c1558a6c81b49a5cedf55d168f889aeb5d310Mark Andrews
ce9c1558a6c81b49a5cedf55d168f889aeb5d310Mark Andrews <docinfo>
ce9c1558a6c81b49a5cedf55d168f889aeb5d310Mark Andrews <copyright>
0f3264c8d1b66de8dedd137d53615b8a8556adfaMark Andrews <year>2008</year>
0f3264c8d1b66de8dedd137d53615b8a8556adfaMark Andrews <year>2009</year>
0f3264c8d1b66de8dedd137d53615b8a8556adfaMark Andrews <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
0e30609d7b3e31e3ff249d185041b9140b5410baMark Andrews </copyright>
0e30609d7b3e31e3ff249d185041b9140b5410baMark Andrews </docinfo>
0e30609d7b3e31e3ff249d185041b9140b5410baMark Andrews
9e8947d9e606b967d0792d0ab1ee7afac5e5f39dMark Andrews <refsynopsisdiv>
9e8947d9e606b967d0792d0ab1ee7afac5e5f39dMark Andrews <cmdsynopsis>
9e8947d9e606b967d0792d0ab1ee7afac5e5f39dMark Andrews <command>dnssec-dsfromkey</command>
3cff31d890bf0815b6b2c7603d1e5c37dc3f26b7Mark Andrews <arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
3cff31d890bf0815b6b2c7603d1e5c37dc3f26b7Mark Andrews <arg><option>-1</option></arg>
2005c3b37bb39a37dc0b034bb2149006df7e3759Mark Andrews <arg><option>-2</option></arg>
2005c3b37bb39a37dc0b034bb2149006df7e3759Mark Andrews <arg><option>-a <replaceable class="parameter">alg</replaceable></option></arg>
c09c2bf800ba0f5e6efe6b47ba72f43e4a61ca7dMark Andrews <arg><option>-l <replaceable class="parameter">domain</replaceable></option></arg>
9a7d202077fae00fbdca610d8a8d90689e30f331Mark Andrews <arg choice="req">keyfile</arg>
9a7d202077fae00fbdca610d8a8d90689e30f331Mark Andrews </cmdsynopsis>
9a7d202077fae00fbdca610d8a8d90689e30f331Mark Andrews <cmdsynopsis>
9a7d202077fae00fbdca610d8a8d90689e30f331Mark Andrews <command>dnssec-dsfromkey</command>
9a7d202077fae00fbdca610d8a8d90689e30f331Mark Andrews <arg choice="req">-s</arg>
9a7d202077fae00fbdca610d8a8d90689e30f331Mark Andrews <arg><option>-1</option></arg>
9a7d202077fae00fbdca610d8a8d90689e30f331Mark Andrews <arg><option>-2</option></arg>
4a5b30c24ca7ceefec4ca142069b886f3d4ab9f9Mark Andrews <arg><option>-a <replaceable class="parameter">alg</replaceable></option></arg>
4a5b30c24ca7ceefec4ca142069b886f3d4ab9f9Mark Andrews <arg><option>-K <replaceable class="parameter">directory</replaceable></option></arg>
c368f28dad471c70213b41f7a0ad1b4ef4d8c543Mark Andrews <arg><option>-l <replaceable class="parameter">domain</replaceable></option></arg>
f1d6c77eccf502398ae5954fb884bde70764a047Mark Andrews <arg><option>-s</option></arg>
f1d6c77eccf502398ae5954fb884bde70764a047Mark Andrews <arg><option>-c <replaceable class="parameter">class</replaceable></option></arg>
f1d6c77eccf502398ae5954fb884bde70764a047Mark Andrews <arg><option>-f <replaceable class="parameter">file</replaceable></option></arg>
f1d6c77eccf502398ae5954fb884bde70764a047Mark Andrews <arg><option>-A</option></arg>
7adca0ea2fcd44641861523b718d6980c0666103Mark Andrews <arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
7adca0ea2fcd44641861523b718d6980c0666103Mark Andrews <arg choice="req">dnsname</arg>
7adca0ea2fcd44641861523b718d6980c0666103Mark Andrews </cmdsynopsis>
9dcc44d7b309b61e89083807d47af471ec6bae1fMark Andrews </refsynopsisdiv>
5badfc7e00b2ec2c7b93657906b8609114ee00ccMark Andrews
5badfc7e00b2ec2c7b93657906b8609114ee00ccMark Andrews <refsect1>
5badfc7e00b2ec2c7b93657906b8609114ee00ccMark Andrews <title>DESCRIPTION</title>
dc2a0aa7aaa8b85398ae183c7274c0eeec5009afMark Andrews <para><command>dnssec-dsfromkey</command>
dc2a0aa7aaa8b85398ae183c7274c0eeec5009afMark Andrews outputs the Delegation Signer (DS) resource record (RR), as defined in
2005c3b37bb39a37dc0b034bb2149006df7e3759Mark Andrews RFC 3658 and RFC 4509, for the given key(s).
1fa2ce7eaef0c17d554495220565b681639b2ce5Mark Andrews </para>
7539c231d47677250008737b0691f9518111f3f5Mark Andrews </refsect1>
7539c231d47677250008737b0691f9518111f3f5Mark Andrews
7ae2fa27e921ff5a2de4b0bb3aef5013315e92a8Tatuya JINMEI 神明達哉 <refsect1>
7ae2fa27e921ff5a2de4b0bb3aef5013315e92a8Tatuya JINMEI 神明達哉 <title>OPTIONS</title>
7ae2fa27e921ff5a2de4b0bb3aef5013315e92a8Tatuya JINMEI 神明達哉
7fe86a54252bab063030512a0e4150e1b7814effMark Andrews <variablelist>
7fe86a54252bab063030512a0e4150e1b7814effMark Andrews <varlistentry>
1c3ed2a83d176d9023b51b60dfc96c133f678362Tatuya JINMEI 神明達哉 <term>-1</term>
1c3ed2a83d176d9023b51b60dfc96c133f678362Tatuya JINMEI 神明達哉 <listitem>
1c3ed2a83d176d9023b51b60dfc96c133f678362Tatuya JINMEI 神明達哉 <para>
e951a79d901cc9b72a4882c38f02b568eed6bf24Mark Andrews Use SHA-1 as the digest algorithm (the default is to use
fc53f564caa9d40f4b73a2808260b1dc07e86fddEvan Hunt both SHA-1 and SHA-256).
e951a79d901cc9b72a4882c38f02b568eed6bf24Mark Andrews </para>
9a727082a0f4959d4ad5ee91c171c2fad92ac996Mark Andrews </listitem>
a59640bf27db16e02e01484297e36b7456e163bbMark Andrews </varlistentry>
4462e590791925b6a5efceacbff054a6b5fe35edMark Andrews
4462e590791925b6a5efceacbff054a6b5fe35edMark Andrews <varlistentry>
9925249931480c9e422b70c948b2665264ec46f5Mark Andrews <term>-2</term>
9925249931480c9e422b70c948b2665264ec46f5Mark Andrews <listitem>
9925249931480c9e422b70c948b2665264ec46f5Mark Andrews <para>
fc7043d7d1294478c9988c10af9a7fb8fd810338Evan Hunt Use SHA-256 as the digest algorithm.
fc7043d7d1294478c9988c10af9a7fb8fd810338Evan Hunt </para>
fc7043d7d1294478c9988c10af9a7fb8fd810338Evan Hunt </listitem>
cef715b6556ca1207b85aa1eac6ce817af2be44eMark Andrews </varlistentry>
cef715b6556ca1207b85aa1eac6ce817af2be44eMark Andrews
cef715b6556ca1207b85aa1eac6ce817af2be44eMark Andrews <varlistentry>
5497de6931b5ac26f65c2343b0318614f73933baMark Andrews <term>-a <replaceable class="parameter">algorithm</replaceable></term>
5497de6931b5ac26f65c2343b0318614f73933baMark Andrews <listitem>
5497de6931b5ac26f65c2343b0318614f73933baMark Andrews <para>
f86c5d30de5d2bf4a4aab98f72295309d62e92eeMark Andrews Select the digest algorithm. The value of
f86c5d30de5d2bf4a4aab98f72295309d62e92eeMark Andrews <option>algorithm</option> must be one of SHA-1 (SHA1),
f86c5d30de5d2bf4a4aab98f72295309d62e92eeMark Andrews SHA-256 (SHA256) or GOST. These values are case insensitive.
262c39b2366bf79062f7f86b218947523dd1cbacEvan Hunt </para>
262c39b2366bf79062f7f86b218947523dd1cbacEvan Hunt </listitem>
262c39b2366bf79062f7f86b218947523dd1cbacEvan Hunt </varlistentry>
1ff207c2fa4182156932f3f5c982170385a19225Mark Andrews
b1e32169ac5cf21fca540fa122a546db71090491Mark Andrews <varlistentry>
827572e191fad1326c624593bf35d8eb1928f607Mark Andrews <term>-K <replaceable class="parameter">directory</replaceable></term>
1aba9fe67899522364a9dbc3ee5a14da081f0314Evan Hunt <listitem>
1aba9fe67899522364a9dbc3ee5a14da081f0314Evan Hunt <para>
1aba9fe67899522364a9dbc3ee5a14da081f0314Evan Hunt Look for key files (or, in keyset mode,
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews <filename>keyset-</filename> files) in
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews <option>directory</option>.
546c2bf791782df1077217bdaf1865235fa95a93Mark Andrews </para>
6c7f722d31d12cf83964c8132f0a59ef70e34cb5Mark Andrews </listitem>
6c7f722d31d12cf83964c8132f0a59ef70e34cb5Mark Andrews </varlistentry>
fcc2a57e13fbecf085e9d11702709b3d5a49b043Mark Andrews
fcc2a57e13fbecf085e9d11702709b3d5a49b043Mark Andrews <varlistentry>
fcc2a57e13fbecf085e9d11702709b3d5a49b043Mark Andrews <term>-f <replaceable class="parameter">file</replaceable></term>
fcdafc1e30dd4d10184b56201ea2fc3bab711e5eMark Andrews <listitem>
fcdafc1e30dd4d10184b56201ea2fc3bab711e5eMark Andrews <para>
f1263d2aa405087e74caf001cd443079f50ee903Mark Andrews Zone file mode: in place of the keyfile name, the argument is
f1263d2aa405087e74caf001cd443079f50ee903Mark Andrews the DNS domain name of a zone master file, which can be read
f1263d2aa405087e74caf001cd443079f50ee903Mark Andrews from <option>file</option>. If the zone name is the same as
b1d21f6c93c93bd27492fc41f1c3205c39ab2167Mark Andrews <option>file</option>, then it may be omitted.
b1d21f6c93c93bd27492fc41f1c3205c39ab2167Mark Andrews </para>
b1d21f6c93c93bd27492fc41f1c3205c39ab2167Mark Andrews </listitem>
efb3fa669f00ccfd9aada997b426616b6b0ce044Mark Andrews </varlistentry>
efb3fa669f00ccfd9aada997b426616b6b0ce044Mark Andrews
034f775ae1bbc260d88bc372f01fdf4b50554514Mark Andrews <varlistentry>
034f775ae1bbc260d88bc372f01fdf4b50554514Mark Andrews <term>-A</term>
034f775ae1bbc260d88bc372f01fdf4b50554514Mark Andrews <listitem>
80f20cb452989a423ed0ab84cfbf67d258b92247Mark Andrews <para>
80f20cb452989a423ed0ab84cfbf67d258b92247Mark Andrews Include ZSK's when generating DS records. Without this option,
80f20cb452989a423ed0ab84cfbf67d258b92247Mark Andrews only keys which have the KSK flag set will be converted to DS
93ee06cbe34294c300834d383ff89162ad5c241aMark Andrews records and printed. Useful only in zone file mode.
93ee06cbe34294c300834d383ff89162ad5c241aMark Andrews </para>
93ee06cbe34294c300834d383ff89162ad5c241aMark Andrews </listitem>
494143860bbe118050f46ecac3d196c779d4b7b0Mark Andrews </varlistentry>
494143860bbe118050f46ecac3d196c779d4b7b0Mark Andrews
494143860bbe118050f46ecac3d196c779d4b7b0Mark Andrews <varlistentry>
400a1b6604ede895cc8d67a7aa66796a5dbc75e4Mark Andrews <term>-l <replaceable class="parameter">domain</replaceable></term>
400a1b6604ede895cc8d67a7aa66796a5dbc75e4Mark Andrews <listitem>
400a1b6604ede895cc8d67a7aa66796a5dbc75e4Mark Andrews <para>
c0fb34e8156aea6b7fde8488e7440524c703f22eMark Andrews Generate a DLV set instead of a DS set. The specified
c0fb34e8156aea6b7fde8488e7440524c703f22eMark Andrews <option>domain</option> is appended to the name for each
c0fb34e8156aea6b7fde8488e7440524c703f22eMark Andrews record in the set.
48fa5940280d65a83b020cca12769b4cd0422e91Mark Andrews The DNSSEC Lookaside Validation (DLV) RR is described
48fa5940280d65a83b020cca12769b4cd0422e91Mark Andrews in RFC 4431.
48fa5940280d65a83b020cca12769b4cd0422e91Mark Andrews </para>
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉 </listitem>
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉 </varlistentry>
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉 <varlistentry>
bfcc5ae79a46c5c55e6cf1a9fe4d70a957712d2bTatuya JINMEI 神明達哉 <term>-s</term>
20837e74f5e68a8108c25bb341a3ef1c1ca22711Tatuya JINMEI 神明達哉 <listitem>
1c9f629c181dfd14bb429a6699d22c3c023aa218Mark Andrews <para>
1c9f629c181dfd14bb429a6699d22c3c023aa218Mark Andrews Keyset mode: in place of the keyfile name, the argument is
f61a7c87bf36b189d8f04ea4c8ab3ec55778355cMark Andrews the DNS domain name of a keyset file.
f61a7c87bf36b189d8f04ea4c8ab3ec55778355cMark Andrews </para>
f61a7c87bf36b189d8f04ea4c8ab3ec55778355cMark Andrews </listitem>
f61a7c87bf36b189d8f04ea4c8ab3ec55778355cMark Andrews </varlistentry>
f61a7c87bf36b189d8f04ea4c8ab3ec55778355cMark Andrews
f61a7c87bf36b189d8f04ea4c8ab3ec55778355cMark Andrews <varlistentry>
2678fccde3453facce53f857d95fec30ca4a284fMark Andrews <term>-c <replaceable class="parameter">class</replaceable></term>
2678fccde3453facce53f857d95fec30ca4a284fMark Andrews <listitem>
2678fccde3453facce53f857d95fec30ca4a284fMark Andrews <para>
562460463b6f4c4d6f815c58c129451c82d66823Mark Andrews Specifies the DNS class (default is IN). Useful only
562460463b6f4c4d6f815c58c129451c82d66823Mark Andrews in keyset or zone file mode.
562460463b6f4c4d6f815c58c129451c82d66823Mark Andrews </para>
577272cf7935770fa2ea817e656a572cdcd94eccMark Andrews </listitem>
577272cf7935770fa2ea817e656a572cdcd94eccMark Andrews </varlistentry>
577272cf7935770fa2ea817e656a572cdcd94eccMark Andrews
8486ce1efa5deded85415d21d5696e5a51c63357Mark Andrews <varlistentry>
8486ce1efa5deded85415d21d5696e5a51c63357Mark Andrews <term>-v <replaceable class="parameter">level</replaceable></term>
92f60809e854ccf5f115883c6347e370da048848Mark Andrews <listitem>
92f60809e854ccf5f115883c6347e370da048848Mark Andrews <para>
92f60809e854ccf5f115883c6347e370da048848Mark Andrews Sets the debugging level.
92f60809e854ccf5f115883c6347e370da048848Mark Andrews </para>
92f60809e854ccf5f115883c6347e370da048848Mark Andrews </listitem>
f5d0f495847eb4eb9f0058e73051f855800bee0bMark Andrews </varlistentry>
f5d0f495847eb4eb9f0058e73051f855800bee0bMark Andrews </variablelist>
f5d0f495847eb4eb9f0058e73051f855800bee0bMark Andrews </refsect1>
dc0ecf08dbea81b6ebfcd3a18b52aa974472b1baMark Andrews
dc0ecf08dbea81b6ebfcd3a18b52aa974472b1baMark Andrews <refsect1>
dc0ecf08dbea81b6ebfcd3a18b52aa974472b1baMark Andrews <title>EXAMPLE</title>
dc19dcbc236bc876a6cdb426ec7c5fab964f8dfcMark Andrews <para>
dc19dcbc236bc876a6cdb426ec7c5fab964f8dfcMark Andrews To build the SHA-256 DS RR from the
dc19dcbc236bc876a6cdb426ec7c5fab964f8dfcMark Andrews <userinput>Kexample.com.+003+26160</userinput>
dc19dcbc236bc876a6cdb426ec7c5fab964f8dfcMark Andrews keyfile name, the following command would be issued:
dc19dcbc236bc876a6cdb426ec7c5fab964f8dfcMark Andrews </para>
114c14f8adfc249cf2e5cdcb9007af46fed257e3Mark Andrews <para><userinput>dnssec-dsfromkey -2 Kexample.com.+003+26160</userinput>
604419a812b491cd35fb6fad129c3c39da7200a1Mark Andrews </para>
3d78993c6d415f600f57520d1566627b5535d715Mark Andrews <para>
3d78993c6d415f600f57520d1566627b5535d715Mark Andrews The command would print something like:
3d78993c6d415f600f57520d1566627b5535d715Mark Andrews </para>
8c850a29eda020642c84038e449d60f124c6123bMark Andrews <para><userinput>example.com. IN DS 26160 5 2 3A1EADA7A74B8D0BA86726B0C227AA85AB8BBD2B2004F41A868A54F0 C5EA0B94</userinput>
8c850a29eda020642c84038e449d60f124c6123bMark Andrews </para>
8c850a29eda020642c84038e449d60f124c6123bMark Andrews </refsect1>
da31aff2f2a2163dafeea65c63f16d8f3fca05c5Mark Andrews
da31aff2f2a2163dafeea65c63f16d8f3fca05c5Mark Andrews <refsect1>
da31aff2f2a2163dafeea65c63f16d8f3fca05c5Mark Andrews <title>FILES</title>
da31aff2f2a2163dafeea65c63f16d8f3fca05c5Mark Andrews <para>
e8ca2abed76b550fd3baddcfb17f2c9a630d6b71Mark Andrews The keyfile can be designed by the key identification
e8ca2abed76b550fd3baddcfb17f2c9a630d6b71Mark Andrews <filename>Knnnn.+aaa+iiiii</filename> or the full file name
e8ca2abed76b550fd3baddcfb17f2c9a630d6b71Mark Andrews <filename>Knnnn.+aaa+iiiii.key</filename> as generated by
81d9d7a10e52b421d7f4784c48ae995b13203c59Mark Andrews <refentrytitle>dnssec-keygen</refentrytitle><manvolnum>8</manvolnum>.
81d9d7a10e52b421d7f4784c48ae995b13203c59Mark Andrews </para>
81d9d7a10e52b421d7f4784c48ae995b13203c59Mark Andrews <para>
301f6ffbbeabcbf765f8163f4ffb7f6f0146b926Mark Andrews The keyset file name is built from the <option>directory</option>,
301f6ffbbeabcbf765f8163f4ffb7f6f0146b926Mark Andrews the string <filename>keyset-</filename> and the
9e4b25fc3eb5777202147634d789345d893b4539Mark Andrews <option>dnsname</option>.
9e4b25fc3eb5777202147634d789345d893b4539Mark Andrews </para>
9e4b25fc3eb5777202147634d789345d893b4539Mark Andrews </refsect1>
28c49640dcb25102e5040b8d957edd905ddf82f8Mark Andrews
7314547af7aa1dd25d690dd3f034d49e5cc8fa9dMark Andrews <refsect1>
541b9722d8031485922ab11221c2e747c0262cf5Mark Andrews <title>CAVEAT</title>
541b9722d8031485922ab11221c2e747c0262cf5Mark Andrews <para>
541b9722d8031485922ab11221c2e747c0262cf5Mark Andrews A keyfile error can give a "file not found" even if the file exists.
ddaeaddf2b9148ce3e6ec5fecc48f64ea5826faeMark Andrews </para>
ddaeaddf2b9148ce3e6ec5fecc48f64ea5826faeMark Andrews </refsect1>
ddaeaddf2b9148ce3e6ec5fecc48f64ea5826faeMark Andrews
a6f7fdcc039de75e9a20da90044caa814f0357a3Michael Graff <refsect1>
a6f7fdcc039de75e9a20da90044caa814f0357a3Michael Graff <title>SEE ALSO</title>
d7e8610d31d83ff863e8b2dc05c238376c35e949Mark Andrews <para><citerefentry>
d7e8610d31d83ff863e8b2dc05c238376c35e949Mark Andrews <refentrytitle>dnssec-keygen</refentrytitle><manvolnum>8</manvolnum>
d7e8610d31d83ff863e8b2dc05c238376c35e949Mark Andrews </citerefentry>,
7e8214191899dc8043babdfbe9235ba14c825005Mark Andrews <citerefentry>
7e8214191899dc8043babdfbe9235ba14c825005Mark Andrews <refentrytitle>dnssec-signzone</refentrytitle><manvolnum>8</manvolnum>
c4dc5966e0a66f4d75677f1634eff3b45baf988eMark Andrews </citerefentry>,
c4dc5966e0a66f4d75677f1634eff3b45baf988eMark Andrews <citetitle>BIND 9 Administrator Reference Manual</citetitle>,
c4dc5966e0a66f4d75677f1634eff3b45baf988eMark Andrews <citetitle>RFC 3658</citetitle>,
9429f5a8318bd2142280c949d4af05998ca348a2Evan Hunt <citetitle>RFC 4431</citetitle>.
9429f5a8318bd2142280c949d4af05998ca348a2Evan Hunt <citetitle>RFC 4509</citetitle>.
0899d16ebd6a70bb027e7899c53e7f542ebc987bEvan Hunt </para>
0899d16ebd6a70bb027e7899c53e7f542ebc987bEvan Hunt </refsect1>
0899d16ebd6a70bb027e7899c53e7f542ebc987bEvan Hunt
0899d16ebd6a70bb027e7899c53e7f542ebc987bEvan Hunt <refsect1>
d2e440ca30f27468443ccc7e21db0b8e10c4faf8Mark Andrews <title>AUTHOR</title>
d2e440ca30f27468443ccc7e21db0b8e10c4faf8Mark Andrews <para><corpauthor>Internet Systems Consortium</corpauthor>
d2e440ca30f27468443ccc7e21db0b8e10c4faf8Mark Andrews </para>
404df30f4fcbd318dd1e3cc027d2b5abff3ab6d5Mark Andrews </refsect1>
404df30f4fcbd318dd1e3cc027d2b5abff3ab6d5Mark Andrews
404df30f4fcbd318dd1e3cc027d2b5abff3ab6d5Mark Andrews</refentry><!--
544d0efa38490d67e458aa9c23a7dac2a9d546bfMark Andrews - Local variables:
544d0efa38490d67e458aa9c23a7dac2a9d546bfMark Andrews - mode: sgml
1f2635d3f7b3f0b3bf0d0310fe880d95e84f09fcMark Andrews - End:
1f2635d3f7b3f0b3bf0d0310fe880d95e84f09fcMark Andrews-->
1f2635d3f7b3f0b3bf0d0310fe880d95e84f09fcMark Andrews