man.dnssec-dsfromkey.html revision 8f70b6b48364b58f2823e735c35bf77787de0860
<!--
 - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
 - Copyright (C) 2000-2003 Internet Software Consortium.
 - Permission to use, copy, modify, and/or distribute this software for any
 - purpose with or without fee is hereby granted, provided that the above
 - copyright notice and this permission notice appear in all copies.
 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
 - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 - PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id$ -->
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<a name="man.dnssec-dsfromkey"></a><div class="titlepage"></div>
<p><span class="application">dnssec-dsfromkey</span> — DNSSEC DS RR generation tool</p>
<div class="cmdsynopsis"><p><code class="command">dnssec-dsfromkey</code> [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-1</code>] [<code class="option">-2</code>] [<code class="option">-a <em class="replaceable"><code>alg</code></em></code>] [<code class="option">-C</code>] [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-T <em class="replaceable"><code>TTL</code></em></code>] {keyfile}</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-dsfromkey</code> {-s} [<code class="option">-1</code>] [<code class="option">-2</code>] [<code class="option">-a <em class="replaceable"><code>alg</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>] [<code class="option">-s</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-T <em class="replaceable"><code>TTL</code></em></code>] [<code class="option">-f <em class="replaceable"><code>file</code></em></code>] [<code class="option">-A</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] {dnsname}</p></div>
<div class="cmdsynopsis"><p><code class="command">dnssec-dsfromkey</code> [<code class="option">-h</code>] [<code class="option">-V</code>]</p></div>
<p><span><strong class="command">dnssec-dsfromkey</strong></span>
outputs the Delegation Signer (DS) resource record (RR), as defined in
RFC 3658 and RFC 4509, for the given key(s).
<dt><span class="term">-1</span></dt>
Use SHA-1 as the digest algorithm (the default is to use
both SHA-1 and SHA-256).
<dt><span class="term">-2</span></dt>
Use SHA-256 as the digest algorithm.
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
Select the digest algorithm. The value of
<code class="option">algorithm</code> must be one of SHA-1 (SHA1),
SHA-256 (SHA256), GOST or SHA-384 (SHA384).
These values are case insensitive.
<dt><span class="term">-C</span></dt>
Generate CDS records rather than DS records. This is mutually
exclusive with generating lookaside records.
<dt><span class="term">-T <em class="replaceable"><code>TTL</code></em></span></dt>
Specifies the TTL of the DS records.
<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
Look for key files (or, in keyset mode,
<dt><span class="term">-f <em class="replaceable"><code>file</code></em></span></dt>
Zone file mode: in place of the keyfile name, the argument is
the DNS domain name of a zone master file, which can be read
from <code class="option">file</code>. If the zone name is the same as
<code class="option">file</code>, then it may be omitted.
If <code class="option">file</code> is set to <code class="literal">"-"</code>, then
the zone data is read from the standard input. This makes it
possible to use the output of the <span><strong class="command">dig</strong></span>
command as input, as in:
<strong class="userinput"><code>dig dnskey example.com | dnssec-dsfromkey -f - example.com</code></strong>
<dt><span class="term">-A</span></dt>
Include ZSKs when generating DS records. Without this option,
only keys which have the KSK flag set will be converted to DS
records and printed. Useful only in zone file mode.
<dt><span class="term">-l <em class="replaceable"><code>domain</code></em></span></dt>
Generate a DLV set instead of a DS set. The specified
<code class="option">domain</code> is appended to the name for each
record in the set.
The DNSSEC Lookaside Validation (DLV) RR is described
in RFC 4431. This is mutually exclusive with generating
CDS records.
<dt><span class="term">-s</span></dt>
Keyset mode: in place of the keyfile name, the argument is
the DNS domain name of a keyset file.
<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
Specifies the DNS class (default is IN). Useful only
in keyset or zone file mode.
<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
Sets the debugging level.
<dt><span class="term">-h</span></dt>
Prints usage information.
<dt><span class="term">-V</span></dt>
Prints version information.
To build the SHA-256 DS RR from the
<strong class="userinput"><code>Kexample.com.+003+26160</code></strong>
keyfile name, the following command would be issued:
<p><strong class="userinput"><code>dnssec-dsfromkey -2 Kexample.com.+003+26160</code></strong>
The command would print something like:
<p><strong class="userinput"><code>example.com. IN DS 26160 5 2 3A1EADA7A74B8D0BA86726B0C227AA85AB8BBD2B2004F41A868A54F0 C5EA0B94</code></strong>
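<p>Added example, not part of the BIND manual page or ISC's code: a Python sketch of what the DS fields are derived from, useful for checking a DS published at the parent against the child's DNSKEY set. It follows RFC 4034 (key tag, and digest over the canonical owner name plus DNSKEY RDATA), reads <code>dig dnskey</code> style lines as in zone file mode, and skips ZSKs unless asked, mirroring <code class="option">-A</code>. The function names and the toy keys in <code>SAMPLE</code> are assumptions constructed for illustration; GOST is not covered.</p>

```python
import base64
import hashlib
import struct

# Added illustration, not BIND code. DS digest types: 1 SHA-1, 2 SHA-256, 4 SHA-384.
DIGESTS = {1: hashlib.sha1, 2: hashlib.sha256, 4: hashlib.sha384}

def name_to_wire(name):
    """Canonical wire form of an owner name: lower-cased, length-prefixed labels."""
    labels = [l for l in name.lower().rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def key_tag(rdata):
    """Key tag over the DNSKEY RDATA (RFC 4034 Appendix B; not valid for algorithm 1)."""
    acc = sum(b << 8 if i % 2 == 0 else b for i, b in enumerate(rdata))
    return (acc + ((acc >> 16) & 0xFFFF)) & 0xFFFF

def parse_dnskey(line):
    """Parse 'owner [ttl] [class] DNSKEY flags proto alg base64...' into (owner, rdata)."""
    fields = line.split(";")[0].split()
    i = [f.upper() for f in fields].index("DNSKEY")
    flags, proto, alg = (int(x) for x in fields[i + 1:i + 4])
    key = base64.b64decode("".join(fields[i + 4:]))
    return fields[0], struct.pack("!HBB", flags, proto, alg) + key

def ds_from_zone(text, digest_types=(2,), include_zsk=False):
    """Return DS lines for the DNSKEYs in text; ZSKs are skipped unless include_zsk."""
    out = []
    for line in text.splitlines():
        if "DNSKEY" not in line.upper().split(";")[0].split():
            continue                                    # comments, other RR types
        owner, rdata = parse_dnskey(line)
        flags, _, alg = struct.unpack("!HBB", rdata[:4])
        if not (flags & 0x0001) and not include_zsk:    # SEP bit marks a KSK
            continue
        for dt in digest_types:
            digest = DIGESTS[dt](name_to_wire(owner) + rdata).hexdigest().upper()
            out.append(f"{owner} IN DS {key_tag(rdata)} {alg} {dt} {digest}")
    return out

# Constructed sample input in the shape of `dig dnskey` output (toy key bytes).
SAMPLE = """\
; <<>> DiG <<>> dnskey example.com
Example.COM. 3600 IN DNSKEY 257 3 8 AQIDBA==
example.com. 3600 IN DNSKEY 256 3 8 BQYHCA==
"""

if __name__ == "__main__":
    print("\n".join(ds_from_zone(SAMPLE, digest_types=(1, 2))))
```

<p>The owner name is lower-cased before hashing, so a DNSKEY returned with mixed-case labels still yields the same digest as the one stored at the parent.</p>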
The keyfile can be designated by the key identification
<code class="filename">Knnnn.+aaa+iiiii</code> or the full file name
<code class="filename">Knnnn.+aaa+iiiii.key</code> as generated by
<span class="refentrytitle">dnssec-keygen</span>(8).
The keyset file name is built from the <code class="option">directory</code>,
the string <code class="filename">keyset-</code> and the
A keyfile error can give a "file not found" even if the file exists.
<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
<p><span class="corpauthor">Internet Systems Consortium</span>
<p style="text-align: center;">BIND 9.11.0pre-alpha</p>