diff options
Diffstat (limited to 'contrib/zkt/examples/hierarchical/dnssec.conf')
-rw-r--r-- | contrib/zkt/examples/hierarchical/dnssec.conf | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/contrib/zkt/examples/hierarchical/dnssec.conf b/contrib/zkt/examples/hierarchical/dnssec.conf new file mode 100644 index 0000000..12da654 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/dnssec.conf @@ -0,0 +1,40 @@ +# +# @(#) dnssec.conf vT0.96 (c) Feb 2005 - May 2008 Holger Zuleger hznet.de +# + +# dnssec-zkt options +Zonedir: "." +Recursive: True +PrintTime: False +PrintAge: True +LeftJustify: False + +# zone specific values +ResignInterval: 1w # (604800 seconds) +Sigvalidity: 10d # (864000 seconds) +Max_TTL: 6h # (21600 seconds) +Propagation: 5m # (300 seconds) +KEY_TTL: 1h # (3600 seconds) +Serialformat: incremental + +# signing key parameters +KSK_lifetime: 20d # (1728000 seconds) +KSK_algo: RSASHA1 # (Algorithm ID 5) +KSK_bits: 1300 +KSK_randfile: "/dev/urandom" +ZSK_lifetime: 4w # (2419200 seconds) +ZSK_algo: RSASHA1 # (Algorithm ID 5) +ZSK_bits: 512 +ZSK_randfile: "/dev/urandom" + +# dnssec-signer options +LogFile: "log" +LogLevel: "info" +SyslogFacility: "user" +SyslogLevel: "notice" +Keyfile: "dnskey.db" +Zonefile: "zone.db" +KeySetDir: ".." +DLV_Domain: "" +Sig_Pseudorand: True +Sig_Parameter: "-j 1800" |