doc/arm/man.dnssec-revoke.html

	man.dnssec-revoke.html revision b6b8f8a0362da8c749021c4b6376cfb96047912b
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<!--
11e9368a226272085c337e9e74b79808c16fbdbaTinderbox User - Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC")
75c0816e8295e180f4bc7f10db3d0d880383bc1cMark Andrews - Copyright (C) 2000-2003 Internet Software Consortium.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein -
4a14ce5ba00ab7bc55c99ffdcf59c7a4ab902721Automatic Updater - Permission to use, copy, modify, and/or distribute this software for any
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - purpose with or without fee is hereby granted, provided that the above
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - copyright notice and this permission notice appear in all copies.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein -
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - PERFORMANCE OF THIS SOFTWARE.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein-->
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<!-- $Id$ -->
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<html>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<head>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<title>dnssec-revoke</title>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="prev" href="man.dnssec-keygen.html" title="dnssec-keygen">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="next" href="man.dnssec-settime.html" title="dnssec-settime">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</head>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="navheader">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<table width="100%" summary="Navigation header">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr><th colspan="3" align="center"><span class="application">dnssec-revoke</span></th></tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="left">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a accesskey="p" href="man.dnssec-keygen.html">Prev</a>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<th width="60%" align="center">Manual pages</th>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="right">�<a accesskey="n" href="man.dnssec-settime.html">Next</a>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</table>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<hr>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User</div>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<div class="refentry" lang="en">
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<a name="man.dnssec-revoke"></a><div class="titlepage"></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refnamediv">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<h2>Name</h2>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<p><span class="application">dnssec-revoke</span> &#8212; Set the REVOKED bit on a DNSSEC key</p>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt</div>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<div class="refsynopsisdiv">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<h2>Synopsis</h2>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<div class="cmdsynopsis"><p><code class="command">dnssec-revoke</code>  [<code class="option">-hr</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] [<code class="option">-f</code>] [<code class="option">-R</code>] {keyfile}</p></div>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User</div>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<div class="refsect1" lang="en">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<a name="id2621675"></a><h2>DESCRIPTION</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span><strong class="command">dnssec-revoke</strong></span>
2b4d1b54f6ca406b8233d9e6fea9593df6dad035Tinderbox User      reads a DNSSEC key file, sets the REVOKED bit on the key as defined
2b4d1b54f6ca406b8233d9e6fea9593df6dad035Tinderbox User      in RFC 5011, and creates a new pair of key files containing the
2b4d1b54f6ca406b8233d9e6fea9593df6dad035Tinderbox User      now-revoked key.
2b4d1b54f6ca406b8233d9e6fea9593df6dad035Tinderbox User    </p>
2b4d1b54f6ca406b8233d9e6fea9593df6dad035Tinderbox User</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refsect1" lang="en">
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<a name="id2621689"></a><h2>OPTIONS</h2>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<div class="variablelist"><dl>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<dt><span class="term">-h</span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dd><p>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User        Emit usage message and exit.
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User      </p></dd>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater<dd><p>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt            Sets the directory in which the key files are to reside.
6f64d4ab8e68f9b2333bcbfc755396d29a4a9d7cAutomatic Updater          </p></dd>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dt><span class="term">-r</span></dt>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dd><p>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User        After writing the new keyset files remove the original keyset
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User        files.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User      </p></dd>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dd><p>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User            Sets the debugging level.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User          </p></dd>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dt><span class="term">-E <em class="replaceable"><code>engine</code></em></span></dt>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dd>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<p>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User            Specifies the cryptographic hardware to use, when applicable.
6f64d4ab8e68f9b2333bcbfc755396d29a4a9d7cAutomatic Updater          </p>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<p>
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater            When BIND is built with OpenSSL PKCS#11 support, this defaults
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User            to the string "pkcs11", which identifies an OpenSSL engine
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User            that can drive a cryptographic accelerator or hardware service
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User            module.  When BIND is built with native PKCS#11 cryptography
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt            (--enable-native-pkcs11), it defaults to the path of the PKCS#11
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User            provider library specified via "--with-pkcs11".
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User          </p>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User</dd>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dt><span class="term">-f</span></dt>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dd><p>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User            Force overwrite: Causes <span><strong class="command">dnssec-revoke</strong></span> to
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User            write the new key pair even if a file already exists matching
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User            the algorithm and key ID of the revoked key.
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater          </p></dd>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<dt><span class="term">-R</span></dt>
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater<dd><p>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User        Print the key tag of the key with the REVOKE bit set but do
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User        not revoke the key.
bcf15a19ae0efa72a22cdfb50666a3c6ce39eb9fTinderbox User          </p></dd>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt</dl></div>
bcf15a19ae0efa72a22cdfb50666a3c6ce39eb9fTinderbox User</div>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<div class="refsect1" lang="en">
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<a name="id2621813"></a><h2>SEE ALSO</h2>
983df82baf1d7d0b668c98cf45928a19f175c6e7Tinderbox User<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
983df82baf1d7d0b668c98cf45928a19f175c6e7Tinderbox User      <em class="citetitle">RFC 5011</em>.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User    </p>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="refsect1" lang="en">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="id2621837"></a><h2>AUTHOR</h2>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="corpauthor">Internet Systems Consortium</span>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User    </p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein</div>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<div class="navfooter">
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<hr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<table width="100%" summary="Navigation footer">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="left">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a accesskey="p" href="man.dnssec-keygen.html">Prev</a>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<td width="40%" align="right">�<a accesskey="n" href="man.dnssec-settime.html">Next</a>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews</td>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt</tr>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<tr>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<td width="40%" align="left" valign="top">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<span class="application">dnssec-keygen</span>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="right" valign="top">�<span class="application">dnssec-settime</span>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User</td>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews</tr>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt</table>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt</div>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt</body>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt</html>
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews