man.dnssec-coverage.html revision fd2597f75693a2279fdf588bd40dfe2407c42028
<!--
 - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
 - Copyright (C) 2000-2003 Internet Software Consortium.
 - Permission to use, copy, modify, and/or distribute this software for any
 - purpose with or without fee is hereby granted, provided that the above
 - copyright notice and this permission notice appear in all copies.
 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 - PERFORMANCE OF THIS SOFTWARE.
-->
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
<link rel="prev" href="man.dnssec-checkds.html" title="dnssec-checkds">
<link rel="next" href="man.dnssec-dsfromkey.html" title="dnssec-dsfromkey">
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<a name="man.dnssec-coverage"></a><div class="titlepage"></div>
<p><span class="application">dnssec-coverage</span> — checks future DNSKEY coverage for a zone</p>
<div class="cmdsynopsis"><p><code class="command">dnssec-coverage</code> [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-l <em class="replaceable"><code>length</code></em></code>] [<code class="option">-f <em class="replaceable"><code>file</code></em></code>] [<code class="option">-d <em class="replaceable"><code>DNSKEY TTL</code></em></code>] [<code class="option">-m <em class="replaceable"><code>max TTL</code></em></code>] [<code class="option">-r <em class="replaceable"><code>interval</code></em></code>] [<code class="option">-c <em class="replaceable"><code>compilezone path</code></em></code>] [<code class="option">-k</code>] [<code class="option">-z</code>] [zone]</p></div>
<p><span class="command"><strong>dnssec-coverage</strong></span>
  verifies that the DNSSEC keys for a given zone or a set of zones
  have timing metadata set properly to ensure no future lapses in DNSSEC
</p>
<p>
  If <code class="option">zone</code> is specified, then keys found in
  the key repository matching that zone are scanned, and an ordered
  list is generated of the events scheduled for that key (i.e.,
  publication, activation, inactivation, deletion). The list of
  events is walked in order of occurrence. Warnings are generated
  if any event is scheduled which could cause the zone to enter a
  state in which validation failures might occur: for example, if
  the number of published or active keys for a given algorithm drops
  to zero, or if a key is deleted from the zone too soon after a new
  key is rolled, and cached data signed by the prior key has not had
  time to expire from resolver caches.
</p>
<p>
  If <code class="option">zone</code> is not specified, then all keys in the
  key repository will be scanned, and all zones for which there are
  keys will be analyzed. (Note: This method of reporting is only
  accurate if all the zones that have keys in a given repository
  share the same TTL parameters.)
</p>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
<dd><p>
  Sets the directory in which keys can be found. Defaults to the
  current working directory.
</p></dd>
<dt><span class="term">-f <em class="replaceable"><code>file</code></em></span></dt>
<dd><p>
  If a <code class="option">file</code> is specified, then the zone is
  read from that file; the largest TTL and the DNSKEY TTL are
  determined directly from the zone data, and the
  <code class="option">-m</code> and <code class="option">-d</code> options do
  not need to be specified on the command line.
</p></dd>
<dt><span class="term">-l <em class="replaceable"><code>duration</code></em></span></dt>
<dd>
<p>
  The length of time to check for DNSSEC coverage. Key events
  scheduled further into the future than <code class="option">duration</code>
  will be ignored, and assumed to be correct.
</p>
<p>
  The value of <code class="option">duration</code> can be set in seconds,
  or in larger units of time by adding a suffix: 'mi' for minutes,
  'h' for hours, 'd' for days, 'w' for weeks, 'mo' for months,
  'y' for years.
</p>
</dd>
<dt><span class="term">-m <em class="replaceable"><code>maximum TTL</code></em></span></dt>
<dd>
<p>
  Sets the value to be used as the maximum TTL for the zone or
  zones being analyzed when determining whether there is a
  possibility of validation failure. When a zone-signing key is
  deactivated, there must be enough time for the record in the
  zone with the longest TTL to have expired from resolver caches
  before that key can be purged from the DNSKEY RRset. If that
  condition does not apply, a warning will be generated.
</p>
<p>
  The length of the TTL can be set in seconds, or in larger units
  of time by adding a suffix: 'mi' for minutes, 'h' for hours,
  'd' for days, 'w' for weeks, 'mo' for months, 'y' for years.
</p>
<p>
  This option is mandatory unless the <code class="option">-f</code> option has
  been used to specify a zone file. (If <code class="option">-f</code> has
  been specified, this option may still be used; it will override
  the value found in the file.)
</p>
</dd>
<dt><span class="term">-d <em class="replaceable"><code>DNSKEY TTL</code></em></span></dt>
<dd>
<p>
  Sets the value to be used as the DNSKEY TTL for the zone or
  zones being analyzed when determining whether there is a
  possibility of validation failure. When a key is rolled (that
  is, replaced with a new key), there must be enough time
  for the old DNSKEY RRset to have expired from resolver caches
  before the new key is activated and begins generating
  signatures. If that condition does not apply, a warning
  will be generated.
</p>
<p>
  The length of the TTL can be set in seconds, or in larger units
  of time by adding a suffix: 'mi' for minutes, 'h' for hours,
  'd' for days, 'w' for weeks, 'mo' for months, 'y' for years.
</p>
<p>
  This option is mandatory unless the <code class="option">-f</code> option has
  been used to specify a zone file, or a default key TTL was
  <span class="command"><strong>dnssec-keygen</strong></span>. (If either of those is true,
  this option may still be used; it will override the value found
  in the zone or key file.)
</p>
</dd>
<dt><span class="term">-r <em class="replaceable"><code>resign interval</code></em></span></dt>
<dd>
<p>
  Sets the value to be used as the resign interval for the zone
  or zones being analyzed when determining whether there is a
  possibility of validation failure. This value defaults to
  22.5 days, which is also the default in
  <span class="command"><strong>named</strong></span>. However, if it has been changed
  by the <code class="option">sig-validity-interval</code> option in
  <code class="filename">named.conf</code>, then it should also be
  changed here.
</p>
<p>
  The length of the interval can be set in seconds, or in larger
  units of time by adding a suffix: 'mi' for minutes, 'h' for hours,
  'd' for days, 'w' for weeks, 'mo' for months, 'y' for years.
</p>
</dd>
<dt><span class="term">-k</span></dt>
<dd><p>
  Only check KSK coverage; ignore ZSK events. Cannot be
</p></dd>
<dt><span class="term">-z</span></dt>
<dd><p>
  Only check ZSK coverage; ignore KSK events. Cannot be
</p></dd>
<dt><span class="term">-c <em class="replaceable"><code>compilezone path</code></em></span></dt>
<dd><p>
  Specifies a path to a <span class="command"><strong>named-compilezone</strong></span> binary.
  Used for testing.
</p></dd>
</dl></div>
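<p>The event walk and the <code class="option">-d</code>, <code class="option">-m</code> and <code class="option">-l</code> rules described above, modelled in Python as an added example (not code from BIND or from <span class="command"><strong>dnssec-coverage</strong></span> itself). Assumptions: the names <code>Key</code> and <code>check_coverage</code>, the key tags, and the representation of timing metadata as second offsets from now, with publish and activate always set, are all constructed for illustration.</p>

```python
from collections import defaultdict, namedtuple
from itertools import groupby

DAY = 86400
# Timing metadata in seconds relative to now (negative = past, None = unset).
Key = namedtuple("Key", "tag alg publish activate inactive delete")

def check_coverage(keys, dnskey_ttl, max_ttl, length):
    """Return warnings for key events scheduled within `length` seconds."""
    warnings = []
    events = [(0, "now", None)]  # sentinel so the current state is checked too
    for k in keys:
        # -d rule: a new key waits one DNSKEY TTL in the RRset before signing.
        if k.activate <= length and k.activate - k.publish < dnskey_ttl:
            warnings.append(f"key {k.tag}: activated before the old DNSKEY RRset can expire")
        # -m rule: a retired key stays published until its signatures expire.
        if None not in (k.inactive, k.delete) and k.delete <= length and k.delete - k.inactive < max_ttl:
            warnings.append(f"key {k.tag}: deleted before its signatures can expire")
        for kind in ("publish", "activate", "inactive", "delete"):
            when = getattr(k, kind)
            if when is not None and when <= length:  # -l: ignore later events
                events.append((when, kind, k))
    published, active = defaultdict(set), defaultdict(set)
    events.sort(key=lambda e: e[0])
    for when, group in groupby(events, key=lambda e: e[0]):
        for _, kind, k in group:  # apply every event sharing this timestamp
            if kind == "publish":
                published[k.alg].add(k.tag)
            elif kind == "activate":
                active[k.alg].add(k.tag)
            elif kind == "inactive":
                active[k.alg].discard(k.tag)
            elif kind == "delete":
                published[k.alg].discard(k.tag)
        if when < 0:
            continue  # history only builds state; coverage is judged from now on
        for alg in sorted({k.alg for k in keys}):
            for state, table in (("published", published), ("active", active)):
                if not table.get(alg):
                    warnings.append(f"day {when // DAY}: no {state} key for algorithm {alg}")
    return warnings

# Constructed ZSK rollover (algorithm 8 = RSASHA256); the key tags are made up.
OLD = Key(11111, 8, -60 * DAY, -59 * DAY, 30 * DAY, 40 * DAY)
GOOD = [OLD, Key(22222, 8, 25 * DAY, 30 * DAY, None, None)]
BAD = [OLD, Key(33333, 8, 35 * DAY, 35 * DAY, None, None)]  # 5-day signing gap

if __name__ == "__main__":
    print(check_coverage(BAD, 1 * DAY, 7 * DAY, 90 * DAY))
```

<p>Events that share a timestamp are applied together before the counts are checked, so a successor activated at the same instant its predecessor is retired does not register as a gap.</p>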
<p>
  <span class="citerefentry"><span class="refentrytitle">dnssec-checkds</span>(8)</span>,
  <span class="citerefentry"><span class="refentrytitle">dnssec-dsfromkey</span>(8)</span>,
  <span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
  <span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>
</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.0pre-alpha</p>