c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<html lang="en">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<head>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<title>dnssec-coverage</title>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<link rel="prev" href="man.dnssec-checkds.html" title="dnssec-checkds">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<link rel="next" href="man.dnssec-dsfromkey.html" title="dnssec-dsfromkey">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</head>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<div class="navheader">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<table width="100%" summary="Navigation header">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<tr><th colspan="3" align="center"><span class="application">dnssec-coverage</span></th></tr>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<tr>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<td width="20%" align="left">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<a accesskey="p" href="man.dnssec-checkds.html">Prev</a>�</td>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<th width="60%" align="center">Manual pages</th>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<td width="20%" align="right">�<a accesskey="n" href="man.dnssec-dsfromkey.html">Next</a>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</td>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</tr>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</table>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<hr>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</div>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<div class="refentry">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<a name="man.dnssec-coverage"></a><div class="titlepage"></div>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <div class="refnamediv">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<h2>Name</h2>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <span class="application">dnssec-coverage</span>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley &#8212; checks future DNSKEY coverage for a zone

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</div>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <div class="refsynopsisdiv">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<h2>Synopsis</h2>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <div class="cmdsynopsis"><p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <code class="command">dnssec-coverage</code>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>]

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley [<code class="option">-l <em class="replaceable"><code>length</code></em></code>]

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley [<code class="option">-f <em class="replaceable"><code>file</code></em></code>]

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley [<code class="option">-d <em class="replaceable"><code>DNSKEY TTL</code></em></code>]

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley [<code class="option">-m <em class="replaceable"><code>max TTL</code></em></code>]

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley [<code class="option">-r <em class="replaceable"><code>interval</code></em></code>]

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley [<code class="option">-c <em class="replaceable"><code>compilezone path</code></em></code>]

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley [<code class="option">-k</code>]

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley [<code class="option">-z</code>]

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley [zone...]

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p></div>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </div>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <div class="refsection">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<a name="id-1.14.8.7"></a><h2>DESCRIPTION</h2>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p><span class="command"><strong>dnssec-coverage</strong></span>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley verifies that the DNSSEC keys for a given zone or a set of zones

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley have timing metadata set properly to ensure no future lapses in DNSSEC

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley coverage.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley If <code class="option">zone</code> is specified, then keys found in

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley the key repository matching that zone are scanned, and an ordered

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley list is generated of the events scheduled for that key (i.e.,

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley publication, activation, inactivation, deletion). The list of

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley events is walked in order of occurrence. Warnings are generated

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley if any event is scheduled which could cause the zone to enter a

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley state in which validation failures might occur: for example, if

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley the number of published or active keys for a given algorithm drops

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley to zero, or if a key is deleted from the zone too soon after a new

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley key is rolled, and cached data signed by the prior key has not had

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley time to expire from resolver caches.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley If <code class="option">zone</code> is not specified, then all keys in the

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley key repository will be scanned, and all zones for which there are

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley keys will be analyzed. (Note: This method of reporting is only

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley accurate if all the zones that have keys in a given repository

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley share the same TTL parameters.)

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </div>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <div class="refsection">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<a name="id-1.14.8.8"></a><h2>OPTIONS</h2>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <div class="variablelist"><dl class="variablelist">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley Sets the directory in which keys can be found. Defaults to the

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley current working directory.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dt><span class="term">-f <em class="replaceable"><code>file</code></em></span></dt>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley If a <code class="option">file</code> is specified, then the zone is

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley read from that file; the largest TTL and the DNSKEY TTL are

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley determined directly from the zone data, and the

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <code class="option">-m</code> and <code class="option">-d</code> options do

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley not need to be specified on the command line.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dt><span class="term">-l <em class="replaceable"><code>duration</code></em></span></dt>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley The length of time to check for DNSSEC coverage. Key events

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley scheduled further into the future than <code class="option">duration</code>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley will be ignored, and assumed to be correct.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley The value of <code class="option">duration</code> can be set in seconds,

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley or in larger units of time by adding a suffix: 'mi' for minutes,

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley 'h' for hours, 'd' for days, 'w' for weeks, 'mo' for months,

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley 'y' for years.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dt><span class="term">-m <em class="replaceable"><code>maximum TTL</code></em></span></dt>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley Sets the value to be used as the maximum TTL for the zone or

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley zones being analyzed when determining whether there is a

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley possibility of validation failure. When a zone-signing key is

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley deactivated, there must be enough time for the record in the

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley zone with the longest TTL to have expired from resolver caches

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley before that key can be purged from the DNSKEY RRset. If that

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley condition does not apply, a warning will be generated.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley The length of the TTL can be set in seconds, or in larger units

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley of time by adding a suffix: 'mi' for minutes, 'h' for hours,

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley 'd' for days, 'w' for weeks, 'mo' for months, 'y' for years.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley This option is not necessary if the <code class="option">-f</code> has

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley been used to specify a zone file. If <code class="option">-f</code> has

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley been specified, this option may still be used; it will override

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley the value found in the file.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley If this option is not used and the maximum TTL cannot be retrieved

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley from a zone file, a warning is generated and a default value of

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley 1 week is used.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dt><span class="term">-d <em class="replaceable"><code>DNSKEY TTL</code></em></span></dt>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley Sets the value to be used as the DNSKEY TTL for the zone or

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley zones being analyzed when determining whether there is a

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley possibility of validation failure. When a key is rolled (that

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley is, replaced with a new key), there must be enough time for the

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley old DNSKEY RRset to have expired from resolver caches before

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley the new key is activated and begins generating signatures. If

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley that condition does not apply, a warning will be generated.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley The length of the TTL can be set in seconds, or in larger units

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley of time by adding a suffix: 'mi' for minutes, 'h' for hours,

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley 'd' for days, 'w' for weeks, 'mo' for months, 'y' for years.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley This option is not necessary if <code class="option">-f</code> has

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley been used to specify a zone file from which the TTL

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley of the DNSKEY RRset can be read, or if a default key TTL was

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley set using ith the <code class="option">-L</code> to

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <span class="command"><strong>dnssec-keygen</strong></span>. If either of those is true,

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley this option may still be used; it will override the values

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley found in the zone file or the key file.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley If this option is not used and the key TTL cannot be retrieved

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley from the zone file or the key file, then a warning is generated

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley and a default value of 1 day is used.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dt><span class="term">-r <em class="replaceable"><code>resign interval</code></em></span></dt>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley Sets the value to be used as the resign interval for the zone

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley or zones being analyzed when determining whether there is a

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley possibility of validation failure. This value defaults to

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley 22.5 days, which is also the default in

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <span class="command"><strong>named</strong></span>. However, if it has been changed

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley by the <code class="option">sig-validity-interval</code> option in

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <code class="filename">named.conf</code>, then it should also be

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley changed here.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley The length of the interval can be set in seconds, or in larger

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley units of time by adding a suffix: 'mi' for minutes, 'h' for hours,

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley 'd' for days, 'w' for weeks, 'mo' for months, 'y' for years.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dt><span class="term">-k</span></dt>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley Only check KSK coverage; ignore ZSK events. Cannot be

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley used with <code class="option">-z</code>.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dt><span class="term">-z</span></dt>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley Only check ZSK coverage; ignore KSK events. Cannot be

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley used with <code class="option">-k</code>.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dt><span class="term">-c <em class="replaceable"><code>compilezone path</code></em></span></dt>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley Specifies a path to a <span class="command"><strong>named-compilezone</strong></span> binary.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley Used for testing.

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </dd>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</dl></div>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </div>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <div class="refsection">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<a name="id-1.14.8.9"></a><h2>SEE ALSO</h2>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <span class="citerefentry">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <span class="refentrytitle">dnssec-checkds</span>(8)

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </span>,

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <span class="citerefentry">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <span class="refentrytitle">dnssec-dsfromkey</span>(8)

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </span>,

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <span class="citerefentry">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <span class="refentrytitle">dnssec-keygen</span>(8)

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </span>,

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <span class="citerefentry">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley <span class="refentrytitle">dnssec-signzone</span>(8)

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </span>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley </div>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</div>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<div class="navfooter">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<hr>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<table width="100%" summary="Navigation footer">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<tr>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<td width="40%" align="left">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<a accesskey="p" href="man.dnssec-checkds.html">Prev</a>�</td>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<td width="40%" align="right">�<a accesskey="n" href="man.dnssec-dsfromkey.html">Next</a>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</td>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</tr>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<tr>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<td width="40%" align="left" valign="top">

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<span class="application">dnssec-checkds</span>�</td>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<td width="40%" align="right" valign="top">�<span class="application">dnssec-dsfromkey</span>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</td>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</tr>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</table>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</div>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.2 (Extended Support Version)</p>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</body>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley</html>

c6dcc4cc989a7aae39ce7263c1d3e1d5758fb91bBob Halley