<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!--
 - Copyright (C) 2013-2016 Internet Systems Consortium, Inc. ("ISC")
 - This Source Code Form is subject to the terms of the Mozilla Public
 - License, v. 2.0. If a copy of the MPL was not distributed with this
 - file, You can obtain one at http://mozilla.org/MPL/2.0/.
-->
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry">
<a name="man.dnssec-importkey"></a><div class="titlepage"></div>
<p><span class="application">dnssec-importkey</span>
 — import DNSKEY records from external systems so they can be managed</p>
<p><code class="command">dnssec-importkey</code>
 [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>]
 [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>]
 [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>]
 [<code class="option">-P sync <em class="replaceable"><code>date/offset</code></em></code>]
 [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>]
 [<code class="option">-D sync <em class="replaceable"><code>date/offset</code></em></code>]
 [<code class="option">-v <em class="replaceable"><code>level</code></em></code>]</p>
<p><code class="command">dnssec-importkey</code>
 {<code class="option">-f <em class="replaceable"><code>filename</code></em></code>}
 [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>]
 [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>]
 [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>]
 [<code class="option">-P sync <em class="replaceable"><code>date/offset</code></em></code>]
 [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>]
 [<code class="option">-D sync <em class="replaceable"><code>date/offset</code></em></code>]
 [<code class="option">-v <em class="replaceable"><code>level</code></em></code>]</p>
<p><span class="command"><strong>dnssec-importkey</strong></span>
 reads a public DNSKEY record and generates a pair of
 .key/.private files. The DNSKEY record may be read from an
 existing .key file, in which case a corresponding .private file
 will be generated, or it may be read from any other file or
 from the standard input, in which case both .key and .private
 files will be generated.
 The newly-created .private file does <span class="emphasis"><em>not</em></span>
 contain private key data, and cannot be used for signing.
 However, having a .private file makes it possible to set
 publication (<code class="option">-P</code>) and deletion
 (<code class="option">-D</code>) times for the key, which means the
 public key can be added to and removed from the DNSKEY RRset
 on schedule even if the true private key is stored offline.</p>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-f <em class="replaceable"><code>filename</code></em></span></dt>
<dd><p>
 Zone file mode: instead of a public keyfile name, the argument
 is the DNS domain name of a zone master file, which can be read
 from <code class="option">file</code>. If the domain name is the same as
 <code class="option">file</code>, then it may be omitted.
 If <code class="option">file</code> is set to <code class="literal">"-"</code>, then
 the zone data is read from the standard input.
</p></dd>
<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
<dd><p>
 Sets the directory in which the key files are to reside.
</p></dd>
<dt><span class="term">-L <em class="replaceable"><code>ttl</code></em></span></dt>
<dd><p>
 Sets the default TTL to use for this key when it is converted
 into a DNSKEY RR. If the key is imported into a zone,
 this is the TTL that will be used for it, unless there was
 already a DNSKEY RRset in place, in which case the existing TTL
 would take precedence. Setting the default TTL to
 <code class="literal">0</code> or <code class="literal">none</code> removes it.
</p></dd>
<dt><span class="term">-h</span></dt>
<dd><p>
 Emit usage message and exit.
</p></dd>
<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
<dd><p>
 Sets the debugging level.
</p></dd>
<dt><span class="term">-V</span></dt>
<dd><p>
 Prints version information.
</p></dd>
</dl></div>
<p>
 Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.
 If the argument begins with a '+' or '-', it is interpreted as
 an offset from the present time. For convenience, if such an offset
 is followed by one of the suffixes 'y', 'mo', 'w', 'd', 'h', or 'mi',
 then the offset is computed in years (defined as 365 24-hour days,
 ignoring leap years), months (defined as 30 24-hour days), weeks,
 days, hours, or minutes, respectively. Without a suffix, the offset
 is computed in seconds. To explicitly prevent a date from being
 set, use 'none' or 'never'.
</p>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-P <em class="replaceable"><code>date/offset</code></em></span></dt>
<dd><p>
 Sets the date on which a key is to be published to the zone.
 After that date, the key will be included in the zone but will
 not be used to sign it.
</p></dd>
<dt><span class="term">-P sync <em class="replaceable"><code>date/offset</code></em></span></dt>
<dd><p>
 Sets the date on which CDS and CDNSKEY records that match this
 key are to be published to the zone.
</p></dd>
<dt><span class="term">-D <em class="replaceable"><code>date/offset</code></em></span></dt>
<dd><p>
 Sets the date on which the key is to be deleted. After that
 date, the key will no longer be included in the zone. (It
 may remain in the key repository, however.)
</p></dd>
<dt><span class="term">-D sync <em class="replaceable"><code>date/offset</code></em></span></dt>
<dd><p>
 Sets the date on which the CDS and CDNSKEY records that match
 this key are to be deleted.
</p></dd>
</dl></div>
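<p>The date/offset rules above, as an added Python example that is not part of the BIND documentation or code: <code>resolve_timing</code> turns a <code class="option">-P</code>/<code class="option">-D</code> argument into an absolute time, and <code>check_schedule</code> (a hypothetical helper) rejects a deletion time that does not follow publication. Reading absolute dates as UTC and rejecting suffixes outside the six listed are assumptions of this example.</p>

```python
import re
from datetime import datetime, timedelta, timezone

# Seconds per suffix, as the text above defines them.
UNIT_SECONDS = {
    "y": 365 * 86400,  # 365 24-hour days, leap years ignored
    "mo": 30 * 86400,  # 30 24-hour days
    "w": 7 * 86400,
    "d": 86400,
    "h": 3600,
    "mi": 60,
    "": 1,             # no suffix: seconds
}
OFFSET = re.compile(r"([+-])([0-9]+)([a-z]*)")
ABSOLUTE = re.compile(r"[0-9]{8}(?:[0-9]{6})?")


def resolve_timing(arg, now):
    """Return the UTC datetime `arg` denotes, or None for 'none'/'never'."""
    if arg in ("none", "never"):
        return None
    m = OFFSET.fullmatch(arg)
    if m:
        sign, digits, suffix = m.groups()
        if suffix not in UNIT_SECONDS:
            raise ValueError(f"unknown offset suffix {suffix!r} in {arg!r}")
        delta = timedelta(seconds=int(digits) * UNIT_SECONDS[suffix])
        return now + delta if sign == "+" else now - delta
    if ABSOLUTE.fullmatch(arg):
        fmt = "%Y%m%d%H%M%S" if len(arg) == 14 else "%Y%m%d"
        # Assumption: absolute dates are read as UTC.
        return datetime.strptime(arg, fmt).replace(tzinfo=timezone.utc)
    raise ValueError(f"not a date or offset: {arg!r}")


def check_schedule(publish, delete, now):
    """Resolve a -P/-D pair; reject a deletion at or before publication."""
    p, d = resolve_timing(publish, now), resolve_timing(delete, now)
    if p is not None and d is not None and d <= p:
        raise ValueError(f"-D {delete!r} ({d}) is not after -P {publish!r} ({p})")
    return p, d


if __name__ == "__main__":
    # Constructed reference time: 2024 is a leap year, so "+1y" lands a day short.
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)
    for arg in ("20240301", "+1y", "+6mo", "-2w", "+3600", "never"):
        print(f"{arg:>10} -> {resolve_timing(arg, now)}")
```

<p>Because a year is fixed at 365 days and a month at 30, <code>+1y</code> from 1 January 2024 resolves to 31 December 2024; use absolute dates when a rollover must land on a calendar date.</p>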
<p>
 A keyfile can be designated by the key identification
 <code class="filename">Knnnn.+aaa+iiiii</code> or the full file name
 <code class="filename">Knnnn.+aaa+iiiii.key</code> as generated by
 <span class="refentrytitle">dnssec-keygen</span>(8).
</p>
<p><span class="refentrytitle">dnssec-keygen</span>(8),
 <span class="refentrytitle">dnssec-signzone</span>(8),
 <em class="citetitle">BIND 9 Administrator Reference Manual</em>,</p>