dnssec-revoke.docbook revision 1946c596b47b0495ce745fe2fff7da799919b0d2
d6fa26d0adaec6c910115be34fe7a5a5f402c14fMark Andrews<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
f0aad5341752aefe5059832f6cf3abc3283c6e16Tinderbox User [<!ENTITY mdash "—">]>
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - Permission to use, copy, modify, and/or distribute this software for any
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - purpose with or without fee is hereby granted, provided that the above
d6fa26d0adaec6c910115be34fe7a5a5f402c14fMark Andrews - copyright notice and this permission notice appear in all copies.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User - PERFORMANCE OF THIS SOFTWARE.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<!-- $Id: dnssec-revoke.docbook,v 1.8 2011/10/20 21:20:01 marka Exp $ -->
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User <refentryinfo>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein </refentryinfo>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews <refentrytitle><application>dnssec-revoke</application></refentrytitle>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <refnamediv>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User <refname><application>dnssec-revoke</application></refname>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User <refpurpose>Set the REVOKED bit on a DNSSEC key</refpurpose>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User </refnamediv>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt </copyright>
a1ff871f78b7d907d6fc3a382beea2a640fe8423Tinderbox User <refsynopsisdiv>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <cmdsynopsis>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg><option>-K <replaceable class="parameter">directory</replaceable></option></arg>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <arg><option>-E <replaceable class="parameter">engine</replaceable></option></arg>
f9ce6280cec79deb16ff6d9807aa493ff23e10d9Tinderbox User </cmdsynopsis>
164ade1482251e1da962b42e5bf0d3aa02a11e03Tinderbox User </refsynopsisdiv>
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User reads a DNSSEC key file, sets the REVOKED bit on the key as defined
0da02c26a6631c25f075a8e4ac6de9e58f49a0c2Tinderbox User in RFC 5011, and creates a new pair of key files containing the
0da02c26a6631c25f075a8e4ac6de9e58f49a0c2Tinderbox User now-revoked key.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <variablelist>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <varlistentry>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt Emit usage message and exit.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt </varlistentry>
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <varlistentry>
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <term>-K <replaceable class="parameter">directory</replaceable></term>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User Sets the directory in which the key files are to reside.
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User </varlistentry>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User <varlistentry>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User After writing the new keyset files remove the original keyset
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User </varlistentry>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User <varlistentry>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User <term>-v <replaceable class="parameter">level</replaceable></term>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User Sets the debugging level.
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User </varlistentry>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User <varlistentry>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User <term>-E <replaceable class="parameter">engine</replaceable></term>
33c9436ef1a43d3c0fc3d9be9b4b0509daa83223Tinderbox User Use the given OpenSSL engine. When compiled with PKCS#11 support
a1ff871f78b7d907d6fc3a382beea2a640fe8423Tinderbox User it defaults to pkcs11; the empty name resets it to no engine.
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User </varlistentry>
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User <varlistentry>
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User Force overwrite: Causes <command>dnssec-revoke</command> to
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User write the new key pair even if a file already exists matching
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User the algorithm and key ID of the revoked key.
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User </varlistentry>
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User <varlistentry>
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User Print the key tag of the key with the REVOKE bit set but do
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User not revoke the key.
8a48b6b9b6fa8486f24b22d1972b2b6ebb36a4a4Tinderbox User </varlistentry>
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User </variablelist>
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <refentrytitle>dnssec-keygen</refentrytitle><manvolnum>8</manvolnum>
164ade1482251e1da962b42e5bf0d3aa02a11e03Tinderbox User </citerefentry>,
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User <citetitle>BIND 9 Administrator Reference Manual</citetitle>,
0da02c26a6631c25f075a8e4ac6de9e58f49a0c2Tinderbox User <para><corpauthor>Internet Systems Consortium</corpauthor>
164ade1482251e1da962b42e5bf0d3aa02a11e03Tinderbox User - Local variables: