bin/dnssec/dnssec-revoke.docbook

	dnssec-revoke.docbook revision f80b665135127a12ca503c8830aa465aa1ddd17d
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync               "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync               [<!ENTITY mdash "&#8212;">]>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync<!--
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync - Copyright (C) 2009  Internet Systems Consortium, Inc. ("ISC")
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync -
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync - Permission to use, copy, modify, and/or distribute this software for any
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync - purpose with or without fee is hereby granted, provided that the above
e64031e20c39650a7bc902a3e1aba613b9415deevboxsync - copyright notice and this permission notice appear in all copies.
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync -
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync - AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync - PERFORMANCE OF THIS SOFTWARE.
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync-->
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync<!-- $Id: dnssec-revoke.docbook,v 1.7 2009/11/03 21:44:46 each Exp $ -->
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync<refentry id="man.dnssec-revoke">
4fccfb05d1c02ba8c7a61968974eb2e0c8df943bvboxsync  <refentryinfo>
453ae3ee24693b7cc05e53375f90331a8d2fad40vboxsync    <date>June 1, 2009</date>
453ae3ee24693b7cc05e53375f90331a8d2fad40vboxsync  </refentryinfo>
453ae3ee24693b7cc05e53375f90331a8d2fad40vboxsync
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync  <refmeta>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync    <refentrytitle><application>dnssec-revoke</application></refentrytitle>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync    <manvolnum>8</manvolnum>
546a09aeb20e5fb8b2977b6888f18893624bead0vboxsync    <refmiscinfo>BIND9</refmiscinfo>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync  </refmeta>
546a09aeb20e5fb8b2977b6888f18893624bead0vboxsync
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync  <refnamediv>
af62929dce3cc5e14c75438cd2b893f82ae6dbc8vboxsync    <refname><application>dnssec-revoke</application></refname>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync    <refpurpose>Set the REVOKED bit on a DNSSEC key</refpurpose>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync  </refnamediv>
af62929dce3cc5e14c75438cd2b893f82ae6dbc8vboxsync
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync  <docinfo>
cae5cca5168e18e168df5541b11f462b60062a7avboxsync    <copyright>
ecbaea9ad65eebbee668d1023015855b750e6505vboxsync      <year>2009</year>
cae5cca5168e18e168df5541b11f462b60062a7avboxsync      <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync    </copyright>
546a09aeb20e5fb8b2977b6888f18893624bead0vboxsync  </docinfo>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync  <refsynopsisdiv>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync    <cmdsynopsis>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync      <command>dnssec-revoke</command>
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync      <arg><option>-hr</option></arg>
783ca280208060edee2442de02fbd8edc09817b0vboxsync      <arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
783ca280208060edee2442de02fbd8edc09817b0vboxsync      <arg><option>-K <replaceable class="parameter">directory</replaceable></option></arg>
783ca280208060edee2442de02fbd8edc09817b0vboxsync      <arg><option>-E <replaceable class="parameter">engine</replaceable></option></arg>
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync      <arg><option>-f</option></arg>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync      <arg choice="req">keyfile</arg>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync    </cmdsynopsis>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync  </refsynopsisdiv>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync  <refsect1>
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync    <title>DESCRIPTION</title>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync    <para><command>dnssec-revoke</command>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync      reads a DNSSEC key file, sets the REVOKED bit on the key as defined
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync      in RFC 5011, and creates a new pair of key files containing the
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync      now-revoked key.
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync    </para>
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync  </refsect1>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync  <refsect1>
9d05cb8900409d466af41f602362f191bcd9e042vboxsync    <title>OPTIONS</title>
9d05cb8900409d466af41f602362f191bcd9e042vboxsync
9d05cb8900409d466af41f602362f191bcd9e042vboxsync    <variablelist>
546a09aeb20e5fb8b2977b6888f18893624bead0vboxsync      <varlistentry>
546a09aeb20e5fb8b2977b6888f18893624bead0vboxsync    <term>-h</term>
546a09aeb20e5fb8b2977b6888f18893624bead0vboxsync        <listitem>
546a09aeb20e5fb8b2977b6888f18893624bead0vboxsync      <para>
546a09aeb20e5fb8b2977b6888f18893624bead0vboxsync        Emit usage message and exit.
546a09aeb20e5fb8b2977b6888f18893624bead0vboxsync      </para>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync        </listitem>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync      </varlistentry>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync
760fddd44f2d6492e1eecad957276f46d2d2f4e9vboxsync      <varlistentry>
760fddd44f2d6492e1eecad957276f46d2d2f4e9vboxsync        <term>-K <replaceable class="parameter">directory</replaceable></term>
af62929dce3cc5e14c75438cd2b893f82ae6dbc8vboxsync        <listitem>
af62929dce3cc5e14c75438cd2b893f82ae6dbc8vboxsync          <para>
760fddd44f2d6492e1eecad957276f46d2d2f4e9vboxsync            Sets the directory in which the key files are to reside.
453ae3ee24693b7cc05e53375f90331a8d2fad40vboxsync          </para>
d7209f7c46f3ffeba77d85a45aa5794664bb9375vboxsync        </listitem>
760fddd44f2d6492e1eecad957276f46d2d2f4e9vboxsync      </varlistentry>
760fddd44f2d6492e1eecad957276f46d2d2f4e9vboxsync
760fddd44f2d6492e1eecad957276f46d2d2f4e9vboxsync      <varlistentry>
760fddd44f2d6492e1eecad957276f46d2d2f4e9vboxsync    <term>-r</term>
760fddd44f2d6492e1eecad957276f46d2d2f4e9vboxsync        <listitem>
d7209f7c46f3ffeba77d85a45aa5794664bb9375vboxsync      <para>
d7209f7c46f3ffeba77d85a45aa5794664bb9375vboxsync        After writing the new keyset files remove the original keyset
af62929dce3cc5e14c75438cd2b893f82ae6dbc8vboxsync        files.
af62929dce3cc5e14c75438cd2b893f82ae6dbc8vboxsync      </para>
d7209f7c46f3ffeba77d85a45aa5794664bb9375vboxsync        </listitem>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync      </varlistentry>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync      <varlistentry>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync        <term>-v <replaceable class="parameter">level</replaceable></term>
546a09aeb20e5fb8b2977b6888f18893624bead0vboxsync        <listitem>
546a09aeb20e5fb8b2977b6888f18893624bead0vboxsync          <para>
546a09aeb20e5fb8b2977b6888f18893624bead0vboxsync            Sets the debugging level.
9d05cb8900409d466af41f602362f191bcd9e042vboxsync          </para>
9d05cb8900409d466af41f602362f191bcd9e042vboxsync        </listitem>
9d05cb8900409d466af41f602362f191bcd9e042vboxsync      </varlistentry>
546a09aeb20e5fb8b2977b6888f18893624bead0vboxsync
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync      <varlistentry>
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync        <term>-E <replaceable class="parameter">engine</replaceable></term>
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync        <listitem>
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync          <para>
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync            Use the given OpenSSL engine. When compiled with PKCS#11 support
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync            it defaults to pkcs11; the empty name resets it to no engine.
af62929dce3cc5e14c75438cd2b893f82ae6dbc8vboxsync          </para>
af62929dce3cc5e14c75438cd2b893f82ae6dbc8vboxsync        </listitem>
57177cd3b337b9cfa239ee75d9b33178af08b89evboxsync      </varlistentry>
57177cd3b337b9cfa239ee75d9b33178af08b89evboxsync
57177cd3b337b9cfa239ee75d9b33178af08b89evboxsync      <varlistentry>
57177cd3b337b9cfa239ee75d9b33178af08b89evboxsync        <term>-f</term>
57177cd3b337b9cfa239ee75d9b33178af08b89evboxsync        <listitem>
57177cd3b337b9cfa239ee75d9b33178af08b89evboxsync          <para>
57177cd3b337b9cfa239ee75d9b33178af08b89evboxsync            Force overwrite: Causes <command>dnssec-revoke</command> to
57177cd3b337b9cfa239ee75d9b33178af08b89evboxsync            write the new key pair even if a file already exists matching
57177cd3b337b9cfa239ee75d9b33178af08b89evboxsync            the algorithm and key ID of the revoked key.
760fddd44f2d6492e1eecad957276f46d2d2f4e9vboxsync          </para>
af62929dce3cc5e14c75438cd2b893f82ae6dbc8vboxsync        </listitem>
af62929dce3cc5e14c75438cd2b893f82ae6dbc8vboxsync      </varlistentry>
cf7696ec31e368b66b1ad49a4b03beadd5d62ba8vboxsync    </variablelist>
cf7696ec31e368b66b1ad49a4b03beadd5d62ba8vboxsync  </refsect1>
cf7696ec31e368b66b1ad49a4b03beadd5d62ba8vboxsync
cf7696ec31e368b66b1ad49a4b03beadd5d62ba8vboxsync  <refsect1>
cf7696ec31e368b66b1ad49a4b03beadd5d62ba8vboxsync    <title>SEE ALSO</title>
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync    <para><citerefentry>
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync        <refentrytitle>dnssec-keygen</refentrytitle><manvolnum>8</manvolnum>
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync      </citerefentry>,
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync      <citetitle>BIND 9 Administrator Reference Manual</citetitle>,
4fccfb05d1c02ba8c7a61968974eb2e0c8df943bvboxsync      <citetitle>RFC 5011</citetitle>.
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync    </para>
4fccfb05d1c02ba8c7a61968974eb2e0c8df943bvboxsync  </refsect1>
4fccfb05d1c02ba8c7a61968974eb2e0c8df943bvboxsync
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync  <refsect1>
83fd17a3a00dc7bf6a36e23bbd2393dfc953da06vboxsync    <title>AUTHOR</title>
cf7696ec31e368b66b1ad49a4b03beadd5d62ba8vboxsync    <para><corpauthor>Internet Systems Consortium</corpauthor>
cf7696ec31e368b66b1ad49a4b03beadd5d62ba8vboxsync    </para>
cf7696ec31e368b66b1ad49a4b03beadd5d62ba8vboxsync  </refsect1>
cf7696ec31e368b66b1ad49a4b03beadd5d62ba8vboxsync
cf7696ec31e368b66b1ad49a4b03beadd5d62ba8vboxsync</refentry><!--
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync - Local variables:
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync - mode: sgml
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync - End:
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync-->
1910146bc46e3eee5b8668806da594107fe9aabfvboxsync