From f50ae72ec3417cae55dd4e085991c01af9fdc5f1 Mon Sep 17 00:00:00 2001 From: Martin Nagy Date: Wed, 11 Feb 2009 20:37:59 +0100 Subject: Initial commit --- .../de./example.de./Kexample.de.+005+11867.key | 3 + .../example.de./Kexample.de.+005+11867.published | 10 ++ .../de./example.de./Kexample.de.+005+17439.key | 4 + .../de./example.de./Kexample.de.+005+17439.private | 10 ++ .../de./example.de./Kexample.de.+005+35672.key | 3 + .../de./example.de./Kexample.de.+005+35672.private | 10 ++ .../de./example.de./Kexample.de.+005+41145.key | 3 + .../de./example.de./Kexample.de.+005+41145.private | 10 ++ .../de./example.de./Kexample.de.+005+59244.key | 3 + .../example.de./Kexample.de.+005+59244.published | 10 ++ .../hierarchical/de./example.de./dnskey.db | 48 +++++++ .../hierarchical/de./example.de./dsset-example.de. | 6 + .../de./example.de./keyset-example.de. | 28 ++++ .../de./example.de./keyset-sub.example.de. | 8 ++ .../sub.example.de./Ksub.example.de.+001+19793.key | 3 + .../Ksub.example.de.+001+19793.private | 10 ++ .../Ksub.example.de.+001+51977.depreciated | 10 ++ .../sub.example.de./Ksub.example.de.+001+51977.key | 3 + .../sub.example.de./Ksub.example.de.+001+55699.key | 3 + .../Ksub.example.de.+001+55699.published | 10 ++ .../sub.example.de./Ksub.example.de.+005+40998.key | 3 + .../Ksub.example.de.+005+40998.private | 10 ++ .../sub.example.de./dlvset-sub.example.de. | 2 + .../de./example.de./sub.example.de./dnskey.db | 35 +++++ .../de./example.de./sub.example.de./dnssec.conf | 17 +++ .../sub.example.de./dsset-sub.example.de. | 2 + .../sub.example.de./keyset-sub.example.de. | 8 ++ .../de./example.de./sub.example.de./zone.db | 25 ++++ .../de./example.de./sub.example.de./zone.db.signed | 108 +++++++++++++++ .../examples/hierarchical/de./example.de./zone.db | 37 ++++++ .../hierarchical/de./example.de./zone.db.signed | 147 +++++++++++++++++++++ .../examples/hierarchical/de./keyset-example.de. | 28 ++++ contrib/zkt/examples/hierarchical/dnssec.conf | 40 ++++++ contrib/zkt/examples/hierarchical/named.conf | 102 ++++++++++++++ contrib/zkt/examples/hierarchical/zone.conf | 10 ++ 35 files changed, 769 insertions(+) create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+11867.key create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+11867.published create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+17439.key create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+17439.private create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+35672.key create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+35672.private create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+41145.key create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+41145.private create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+59244.key create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+59244.published create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./dnskey.db create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./dsset-example.de. create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./keyset-example.de. create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./keyset-sub.example.de. create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+19793.key create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+19793.private create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+51977.depreciated create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+51977.key create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+55699.key create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+55699.published create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+005+40998.key create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+005+40998.private create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dlvset-sub.example.de. create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dnskey.db create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dnssec.conf create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dsset-sub.example.de. create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./keyset-sub.example.de. create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./zone.db create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./zone.db.signed create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./zone.db create mode 100644 contrib/zkt/examples/hierarchical/de./example.de./zone.db.signed create mode 100644 contrib/zkt/examples/hierarchical/de./keyset-example.de. create mode 100644 contrib/zkt/examples/hierarchical/dnssec.conf create mode 100644 contrib/zkt/examples/hierarchical/named.conf create mode 100644 contrib/zkt/examples/hierarchical/zone.conf (limited to 'contrib/zkt/examples/hierarchical') diff --git a/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+11867.key b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+11867.key new file mode 100644 index 0000000..a824208 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+11867.key @@ -0,0 +1,3 @@ +;% generationtime=20080717083652 +;% lifetime=28d +example.de. IN DNSKEY 256 3 5 BQEAAAAByN2rMrazHwh+sNOv8cBef3HUotAQTS9QW4Y5NjNuyYNraJBA OqV8KSaGQqIhkh0ZD0oIm2h0JowdyERZVj6ZZQ== diff --git a/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+11867.published b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+11867.published new file mode 100644 index 0000000..8703816 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+11867.published @@ -0,0 +1,10 @@ +Private-key-format: v1.2 +Algorithm: 5 (RSASHA1) +Modulus: yN2rMrazHwh+sNOv8cBef3HUotAQTS9QW4Y5NjNuyYNraJBAOqV8KSaGQqIhkh0ZD0oIm2h0JowdyERZVj6ZZQ== +PublicExponent: AQAAAAE= +PrivateExponent: PUJ1+zrJn3r8Z+GcNmxwyHaNeLivsjSiSoGZu2FnlJHgHV3Kq5ZL+d5jeGpbPyW6Bc5z+NpkqGPuz/DG9C6OhQ== +Prime1: 8NWUn++L7p45k/tgcIoVKWe9Jgwtn4m8K8PkNQG1H4s= +Prime2: 1YPE6Nw/KsuDHPkM6NAqtnMWugaG9kDq348eSTkhSM8= +Exponent1: tF/x51phYle6xgqBLw3ixmkQJCSpCa3F51pb/zGieV0= +Exponent2: PeU/PmlccGmtux9ZC9rEdu/xmMERXZri3QdBtCzYDLs= +Coefficient: gMF5l8BpGn2VBO7XqZNTJWOkx1lBOytfBc4y6yh+Cn8= diff --git a/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+17439.key b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+17439.key new file mode 100644 index 0000000..1986117 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+17439.key @@ -0,0 +1,4 @@ +;% generationtime=20080506225722 +;% lifetime=20d +;% expirationtime=20080711220959 +example.de. IN DNSKEY 385 3 5 BQEAAAABCyg92L7v21N3lc/gR07/2iLmvt6dUn1KKauLvmkRuT040XT+ Rd3Iq20iq6BqVPsPS+hCOTRA3xikTIn5YzmPLPutIRtjIodHhsrML4D9 Pp1dzgEDKWLam96v+E7KC0GGH/BI6/WelqeqjS5BjI4Gjv4roaTyDCi6 3oXwcMFDVwrSjws4A/5AGANka41Aky+UCGse6+64YmNP/QkSXDAeBZqw rw== diff --git a/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+17439.private b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+17439.private new file mode 100644 index 0000000..62b7ca4 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+17439.private @@ -0,0 +1,10 @@ +Private-key-format: v1.2 +Algorithm: 5 (RSASHA1) +Modulus: Cyg92L7v21N3lc/gR07/2iLmvt6dUn1KKauLvmkRuT040XT+Rd3Iq20iq6BqVPsPS+hCOTRA3xikTIn5YzmPLPutIRtjIodHhsrML4D9Pp1dzgEDKWLam96v+E7KC0GGH/BI6/WelqeqjS5BjI4Gjv4roaTyDCi63oXwcMFDVwrSjws4A/5AGANka41Aky+UCGse6+64YmNP/QkSXDAeBZqwrw== +PublicExponent: AQAAAAE= +PrivateExponent: CGYBtGSIMmSFoqnh6yYuoYlvTP2O7vkBdRrfkN43NwdlQVhco+wQO55QxCZNhCcbp2xau9IdejetNH0pQ3Zfg2Vllx78F8VMTMqkgw2HudWS/RahkMg+Hq6DBUaX/LYt90ToGyy5+FmyBm4fOV8FxJVrmTFMw4m7ULp3FgRcxmzS5zNjKYP2LKU/pYz0wFpyAr88DGNjChgwvRN/GE4obsoJgQ== +Prime1: A18v8idXV3o9tpIzalTEpOeDX7OxKumhUsoDpPhOJf7XqHLS6hYoYwFbRObF23Zi/3kHiAoGffR1Dkd+ji3xZhFOSEcUDuikQ2jdzdY8NxbzQQ== +Prime2: A08XMjIEpsViYvYB+ChuYxPbq7Z/eHtT/r5f8zS+nuEUwYAlKeq/i+U5sIydC1txv5XQuRPqpjtlZTClJ85BpS0GnSspG5PcY3OMwkA2smLX7w== +Exponent1: AcLu8YM68M8LtP7Dr7vYI+vJK6RK5SN/mAnz4ALt53igCUB/iVrfvBWCHp7hEgkRZUQQoItbT9C6YXrC3G9DW+IldSP8vrtqYva4YDBD2X1LAQ== +Exponent2: JdJVp3CAJPPcx0KiKDS8gHDiu22CBV2w1cycnXgwFmJl4aQkbTA7/xlgl15r3lByacAc19JreArqgCQRQV3bS7NG2PiQmzO26XkwCq+Kj7OJ +Coefficient: i6sKgv2zpCvdY9fChryaf5nZyb4nFd2dG/vnjQScBz8YVw4LnfL/XqKIego0Ez6/KlL4AnvkcafzogJ+MtmBB7V4RXEyObcbR6M/MLGMhpL8 diff --git a/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+35672.key b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+35672.key new file mode 100644 index 0000000..4836d51 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+35672.key @@ -0,0 +1,3 @@ +;% generationtime=20080608210458 +;% lifetime=28d +example.de. IN DNSKEY 256 3 5 BQEAAAABnRJdmY7dzRKi93pVkLToV5FK4Ffm8YnY0c6IHKcAmb5t8FLv pNijniIclCPXTpfio+HNa59a4UA8jTdJb+kT0w== diff --git a/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+35672.private b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+35672.private new file mode 100644 index 0000000..3b1b32e --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+35672.private @@ -0,0 +1,10 @@ +Private-key-format: v1.2 +Algorithm: 5 (RSASHA1) +Modulus: nRJdmY7dzRKi93pVkLToV5FK4Ffm8YnY0c6IHKcAmb5t8FLvpNijniIclCPXTpfio+HNa59a4UA8jTdJb+kT0w== +PublicExponent: AQAAAAE= +PrivateExponent: I2jMbjLfEzJ4iZHvXDTRZKM2/SXOLH9dTWkzH8zfbW+jzsKObfnt7/yJYaIHv0gQOvOAfQ46RutqryjQpLPtoQ== +Prime1: 0TgZK52tc+JlhyG5229kjntpXP0enYcMqROdLM9lSoM= +Prime2: wDFNEVHv0GDU7L7ZLPIuRewnHg9SHgSnQ+kOWDhZEHE= +Exponent1: aVdC0HyDAG7bvUkwx468HhrL/00lGXQYvnxoKqV3/dU= +Exponent2: quQ/NY7YkT3jYi649bQ9hsWDkaAoBf1FrIVPcf3FSXE= +Coefficient: Td8UjaaoC44Qt0jCQ4uULI1YUQRNdPYH3024NghryrE= diff --git a/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+41145.key b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+41145.key new file mode 100644 index 0000000..3a636d4 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+41145.key @@ -0,0 +1,3 @@ +;% generationtime=20080608210458 +;% lifetime=20d +example.de. IN DNSKEY 257 3 5 BQEAAAABDrm5aXRPuZOmwT4nINnY2qXyXWLtutggFAJgBW5Ua7uzAR+7 r/DcOE7IfjnT5FQhbYXIuKy61uOEqPu1TYvDsGb1pseKSB4J0jmXDU9N tu9TDp6X6ZXE11+cFdATa4TPnsAUMSxVkLZanrbyACmcNr1gjT3dz6qI VBVPb5OnUldndbgtlOX3wcE0aR/MIsIjz1UQl/QoxbVclZVOUNdJQGb9 zQ== diff --git a/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+41145.private b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+41145.private new file mode 100644 index 0000000..b0466be --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+41145.private @@ -0,0 +1,10 @@ +Private-key-format: v1.2 +Algorithm: 5 (RSASHA1) +Modulus: Drm5aXRPuZOmwT4nINnY2qXyXWLtutggFAJgBW5Ua7uzAR+7r/DcOE7IfjnT5FQhbYXIuKy61uOEqPu1TYvDsGb1pseKSB4J0jmXDU9Ntu9TDp6X6ZXE11+cFdATa4TPnsAUMSxVkLZanrbyACmcNr1gjT3dz6qIVBVPb5OnUldndbgtlOX3wcE0aR/MIsIjz1UQl/QoxbVclZVOUNdJQGb9zQ== +PublicExponent: AQAAAAE= +PrivateExponent: AQM2fRAmc6coPLeTHAK1DCHOYCRPSjsHYXoOzwMzzdIpHschjfxka35UdNSGKYpqM9E+VTZmV96w9ZZK5recxYak/6F72ZYTIYtsWYqCkej18nzhpnlt4nASnRt0nsS9UVVwc1Y7QxqRtSVXEcgcbiW3lr0jq+PSBf/HjY9qOHV4ExXlz7KPYOWbJa1YLFnvGlMd/W7hmQvXNEfTvOwjKURV4Q== +Prime1: A/0Yax4evJzC7VSw0Swt0KNM7gtIJ9nwzDCrTymulzKhu6Wgeu0veU9OAGDhv0Yfmn0kr1JLITpMu4uo3a5jfLb18yZEAyPphejZBA+wPIll+Q== +Prime2: A7EcplBfPWZmeCeL6UnFz4h45nxi3jRfQT00k34Nu5aFt5v+ngExbatcoOMnEKZSq2SQKDQRTp6XBOiwPNB9mVaLmzl9k9tyX6JvkCBEDrM7dQ== +Exponent1: AjoJbjmJarH7I4Zj5UPc9r0I5NtVgrAx4ZltcqPN07/1cBS2QAnZuMSLUvv8pkK+Lng9Wdy9c2FL0XjWY5Q+ORYj4ONGl9OWpi2zKqpTw4WgOQ== +Exponent2: AZfFGuYsztbn6tHFUIdIeXfaFTYyVbSfCEUp2Uv8N75QMyyuT4dzAlkU2cfSg3oAefrlCKWqXtLv9XlOJ1hTeXZOz8jyYAyhvGWGoHmSbeaNKQ== +Coefficient: AX6DKJRk0GXwCnkpfbn91myfZ2wgsUTXKjqasdlTqm3JL9Rtpq8J2MWPhexcSSz8DNa5LQlGduE1nh4eqqntnSNckD6CeImMdWgTNbQS3zV8Bw== diff --git a/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+59244.key b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+59244.key new file mode 100644 index 0000000..35d4c6a --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+59244.key @@ -0,0 +1,3 @@ +;% generationtime=20080711221000 +;% lifetime=20d +example.de. IN DNSKEY 257 3 5 BQEAAAABDfaBERX9p+FUi1OXYVig7zLCQFZoRYpwDDuLzBcC7k+G1+wW dftyA1vBm5HMpyq0OifT0Hsez4+H+0CIWHZP8oPCYfKrq+wM2EgMzDDO Yv+O1TQU4i3G+iONxB1RAwH/J2lA+U0zCbrdf0KLq/enNquchhPw4gCX 0RB9HC+TkpoPf2u7aKFcjlpw4C4uhDl1s6FpfdXe6NQWW6c+ONUcLAEt +w== diff --git a/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+59244.published b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+59244.published new file mode 100644 index 0000000..b7f28db --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./Kexample.de.+005+59244.published @@ -0,0 +1,10 @@ +Private-key-format: v1.2 +Algorithm: 5 (RSASHA1) +Modulus: DfaBERX9p+FUi1OXYVig7zLCQFZoRYpwDDuLzBcC7k+G1+wWdftyA1vBm5HMpyq0OifT0Hsez4+H+0CIWHZP8oPCYfKrq+wM2EgMzDDOYv+O1TQU4i3G+iONxB1RAwH/J2lA+U0zCbrdf0KLq/enNquchhPw4gCX0RB9HC+TkpoPf2u7aKFcjlpw4C4uhDl1s6FpfdXe6NQWW6c+ONUcLAEt+w== +PublicExponent: AQAAAAE= +PrivateExponent: /MDd0rAZf9mm/3cDi6TjTqeegMmnidhKYIzxyz1+quzwOA16L3jLf3ucWjz/BlEiOYh1CZbAroGRYqBAskys8u7FDinOQEP5cEn5NUyL5z0WebSCO+qnaqaQSokRs0oUx3+e9tJc9GhhmZIVNXQe4mYxfeYCl6KZS9CXe22y31PkvJ+SQIBh/I+SQnM4rbW012rKroAxdHfTvmalofx+Qb1h +Prime1: A/5Pkk5UAGvEa06GrEcATMOjsxZ0BbgalPuJKLLTFzvtYhdlJY738oY0QfsHba9hEC+iiSwfjWYyNlH/7bcVqSFtbLJiJ0aUfvObj75qw4HjXQ== +Prime2: A38aQzy3UrARKcwUqCiQrSOTM5P7xIDfbruW7ywmaWA1lXCvP3EJAal6MYs0pG2vx1cxVTIPva3Se26NkGaBqZw+RgHxmRmfgxvSoCfWXGZZNw== +Exponent1: OvPYJBkVUbncb0mBtTe5uwa9RgGlCgW4ges93zf3UQuHGvAesUFNnMh6y9zi4vgyVNbz2KOSnA91onc9l42b6NwqRNbExGhDsMc8NQi16vnF +Exponent2: AkkCNzHuGv3HaQ4MpRT/PLPA2UONseMBvJHWlgK+aO2xb6/7I09sPqKnJ4f6Bj5jL8efNZYHWsaN4l335V9lc5791opU+07LHHpULn2qVRpJYw== +Coefficient: An94juF2F5cDtoMC6gwI5iaWDH/qxkeuZ62fnMFoMY18XO0/clTVfdW7XvXCOn1DQyDLDOYpxR5MfeDKkbxtGGYKABWBOWlyaS1A5D5wTQRJzw== diff --git a/contrib/zkt/examples/hierarchical/de./example.de./dnskey.db b/contrib/zkt/examples/hierarchical/de./example.de./dnskey.db new file mode 100644 index 0000000..bd106bd --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./dnskey.db @@ -0,0 +1,48 @@ +; +; !!! Don't edit this file by hand. +; !!! It will be generated by dnssec-signer. +; +; Last generation time Jul 29 2008 12:44:06 +; + +; *** List of Key Signing Keys *** +; example.de. tag=17439 algo=RSASHA1 generated Jun 19 2008 00:32:22 +example.de. 3600 IN DNSKEY 385 3 5 ( + BQEAAAABCyg92L7v21N3lc/gR07/2iLmvt6dUn1KKauLvmkRuT040XT+ + Rd3Iq20iq6BqVPsPS+hCOTRA3xikTIn5YzmPLPutIRtjIodHhsrML4D9 + Pp1dzgEDKWLam96v+E7KC0GGH/BI6/WelqeqjS5BjI4Gjv4roaTyDCi6 + 3oXwcMFDVwrSjws4A/5AGANka41Aky+UCGse6+64YmNP/QkSXDAeBZqw + rw== + ) ; key id = 17567 (original key id = 17439) + +; example.de. tag=41145 algo=RSASHA1 generated Jul 12 2008 00:10:00 +example.de. 3600 IN DNSKEY 257 3 5 ( + BQEAAAABDrm5aXRPuZOmwT4nINnY2qXyXWLtutggFAJgBW5Ua7uzAR+7 + r/DcOE7IfjnT5FQhbYXIuKy61uOEqPu1TYvDsGb1pseKSB4J0jmXDU9N + tu9TDp6X6ZXE11+cFdATa4TPnsAUMSxVkLZanrbyACmcNr1gjT3dz6qI + VBVPb5OnUldndbgtlOX3wcE0aR/MIsIjz1UQl/QoxbVclZVOUNdJQGb9 + zQ== + ) ; key id = 41145 + +; example.de. tag=59244 algo=RSASHA1 generated Jul 12 2008 00:10:00 +example.de. 3600 IN DNSKEY 257 3 5 ( + BQEAAAABDfaBERX9p+FUi1OXYVig7zLCQFZoRYpwDDuLzBcC7k+G1+wW + dftyA1vBm5HMpyq0OifT0Hsez4+H+0CIWHZP8oPCYfKrq+wM2EgMzDDO + Yv+O1TQU4i3G+iONxB1RAwH/J2lA+U0zCbrdf0KLq/enNquchhPw4gCX + 0RB9HC+TkpoPf2u7aKFcjlpw4C4uhDl1s6FpfdXe6NQWW6c+ONUcLAEt + +w== + ) ; key id = 59244 + +; *** List of Zone Signing Keys *** +; example.de. tag=35672 algo=RSASHA1 generated Jul 17 2008 10:36:52 +example.de. 3600 IN DNSKEY 256 3 5 ( + BQEAAAABnRJdmY7dzRKi93pVkLToV5FK4Ffm8YnY0c6IHKcAmb5t8FLv + pNijniIclCPXTpfio+HNa59a4UA8jTdJb+kT0w== + ) ; key id = 35672 + +; example.de. tag=11867 algo=RSASHA1 generated Jul 17 2008 10:36:52 +example.de. 3600 IN DNSKEY 256 3 5 ( + BQEAAAAByN2rMrazHwh+sNOv8cBef3HUotAQTS9QW4Y5NjNuyYNraJBA + OqV8KSaGQqIhkh0ZD0oIm2h0JowdyERZVj6ZZQ== + ) ; key id = 11867 + diff --git a/contrib/zkt/examples/hierarchical/de./example.de./dsset-example.de. b/contrib/zkt/examples/hierarchical/de./example.de./dsset-example.de. new file mode 100644 index 0000000..a2cb04a --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./dsset-example.de. @@ -0,0 +1,6 @@ +example.de. IN DS 17567 5 1 D2AE03CF2A76AA0A28AE8593B3D96E497C6508E5 +example.de. IN DS 17567 5 2 A9F2D82927721257F7C4325B402F664BBFE58780A786BB7B7188A0DB FD5D7008 +example.de. IN DS 41145 5 1 8F18A5F2A59AEF518DBA5A0CD0F0E259DD0F8C05 +example.de. IN DS 41145 5 2 BA5A78FB98E5A38554B4D73B32F15C4794AEE9E25934B3696B999451 A534102A +example.de. IN DS 59244 5 1 56F34A865AFA3A183D3C008490B94CB1D238BB9A +example.de. IN DS 59244 5 2 08C1BFC17C4634BE4A03A297D65E44CC8EB375B4027534541B7E0596 5E985313 diff --git a/contrib/zkt/examples/hierarchical/de./example.de./keyset-example.de. b/contrib/zkt/examples/hierarchical/de./example.de./keyset-example.de. new file mode 100644 index 0000000..2b40c68 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./keyset-example.de. @@ -0,0 +1,28 @@ +$ORIGIN . +example.de 7200 IN DNSKEY 257 3 5 ( + BQEAAAABDfaBERX9p+FUi1OXYVig7zLCQFZo + RYpwDDuLzBcC7k+G1+wWdftyA1vBm5HMpyq0 + OifT0Hsez4+H+0CIWHZP8oPCYfKrq+wM2EgM + zDDOYv+O1TQU4i3G+iONxB1RAwH/J2lA+U0z + Cbrdf0KLq/enNquchhPw4gCX0RB9HC+TkpoP + f2u7aKFcjlpw4C4uhDl1s6FpfdXe6NQWW6c+ + ONUcLAEt+w== + ) ; key id = 59244 + 7200 IN DNSKEY 257 3 5 ( + BQEAAAABDrm5aXRPuZOmwT4nINnY2qXyXWLt + utggFAJgBW5Ua7uzAR+7r/DcOE7IfjnT5FQh + bYXIuKy61uOEqPu1TYvDsGb1pseKSB4J0jmX + DU9Ntu9TDp6X6ZXE11+cFdATa4TPnsAUMSxV + kLZanrbyACmcNr1gjT3dz6qIVBVPb5OnUldn + dbgtlOX3wcE0aR/MIsIjz1UQl/QoxbVclZVO + UNdJQGb9zQ== + ) ; key id = 41145 + 7200 IN DNSKEY 385 3 5 ( + BQEAAAABCyg92L7v21N3lc/gR07/2iLmvt6d + Un1KKauLvmkRuT040XT+Rd3Iq20iq6BqVPsP + S+hCOTRA3xikTIn5YzmPLPutIRtjIodHhsrM + L4D9Pp1dzgEDKWLam96v+E7KC0GGH/BI6/We + lqeqjS5BjI4Gjv4roaTyDCi63oXwcMFDVwrS + jws4A/5AGANka41Aky+UCGse6+64YmNP/QkS + XDAeBZqwrw== + ) ; key id = 17567 diff --git a/contrib/zkt/examples/hierarchical/de./example.de./keyset-sub.example.de. b/contrib/zkt/examples/hierarchical/de./example.de./keyset-sub.example.de. new file mode 100644 index 0000000..04ed33a --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./keyset-sub.example.de. @@ -0,0 +1,8 @@ +$ORIGIN . +sub.example.de 7200 IN DNSKEY 257 3 5 ( + BQEAAAABpL4/T8z6mCbTm46Y9+KJOgCAk+dG + HBoyg75N1f0lwYSZOLyyyOLWwDxlsfkb5Wwv + Z1ZG6NFmg/3o5N3Zd7TEkkvHZafRMrzHFicd + IMSvjmOWVBR0GsEb+reREu5X0sdZbqOuxT6C + kKoTXRpRZgU9ouus6W5bSWQAfdQIegTBBKk= + ) ; key id = 40998 diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+19793.key b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+19793.key new file mode 100644 index 0000000..6b6aca1 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+19793.key @@ -0,0 +1,3 @@ +;% generationtime=20080729104405 +;% lifetime=2d +sub.example.de. IN DNSKEY 256 3 1 BQEAAAABny2+yO3erGn/4hCJyG031zbeZa91KPPsQRfqgx3eNgyaQjfD 7NTKuAfJjbSTbHnvXF008duYET+UU9+hS01RIw== diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+19793.private b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+19793.private new file mode 100644 index 0000000..2377635 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+19793.private @@ -0,0 +1,10 @@ +Private-key-format: v1.2 +Algorithm: 1 (RSA) +Modulus: ny2+yO3erGn/4hCJyG031zbeZa91KPPsQRfqgx3eNgyaQjfD7NTKuAfJjbSTbHnvXF008duYET+UU9+hS01RIw== +PublicExponent: AQAAAAE= +PrivateExponent: njIKbIVXtg54r7CRULxKaNXpW0BUus3VYh/JBkMgd+runwCUtXUccG14jHrZ/H2M6Yx46EIYxebzoi0rStisAQ== +Prime1: zsU5EgehqDuowoV/yRkMTDa/b3unK6hUy4AnqCpumtE= +Prime2: xRPHnd4KuW4H4SueCLf3oduoTfOp6pl6cKdJyjooQbM= +Exponent1: WbbHa11huZfttfhiiocYX0zKzy+2hTHb8vXBJ27mIcE= +Exponent2: JrXRbJt0aQuZ7PEcBuYpcLp0d4WZFD0htANku1j9xHc= +Coefficient: y0cK7SB3Usly0yku3wY50DpxX0k+qPu8HztqHeGCXpg= diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+51977.depreciated b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+51977.depreciated new file mode 100644 index 0000000..934f630 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+51977.depreciated @@ -0,0 +1,10 @@ +Private-key-format: v1.2 +Algorithm: 1 (RSA) +Modulus: rPRVqWxFqCoVRrtQ8XYrbeogdBKBvEus359hPgFqYdGHvR1Kkyl8EhioksP/Tze5cGBHTSFCjIh+lGMPEssJCQ== +PublicExponent: AQAAAAE= +PrivateExponent: OGFXm5oxuztSyLrcmyhrWs14NTOKh745RZMjIUVyoem0SLRjkJWdqGlPnMsR+lmyVieKx6OhFTOZnbjRaeu2AQ== +Prime1: 1epbg5Yr1USYkwGu9zV7AXpB74Wfu7I3WDzPabBFQ+k= +Prime2: zvsD4Q/+PCmzXiRwsSlwZwtwpcSump1fuIve+REOCCE= +Exponent1: kMpHQJed0XNHcNZ2hcEZ1/yG3Ex4MZbdJ9DsK2Rgosk= +Exponent2: LEK4vqbV5lWlccULSqR0puA/1lFWmvRbS0yu7qp4OGE= +Coefficient: gXEyODoVUSbHQP2mar5cwP3BDdi1LwDYVvdvKYEPIrw= diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+51977.key b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+51977.key new file mode 100644 index 0000000..2c662a9 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+51977.key @@ -0,0 +1,3 @@ +;% generationtime=20080726213646 +;% lifetime=2d +sub.example.de. IN DNSKEY 256 3 1 BQEAAAABrPRVqWxFqCoVRrtQ8XYrbeogdBKBvEus359hPgFqYdGHvR1K kyl8EhioksP/Tze5cGBHTSFCjIh+lGMPEssJCQ== diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+55699.key b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+55699.key new file mode 100644 index 0000000..3a0fcec --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+55699.key @@ -0,0 +1,3 @@ +;% generationtime=20080731111645 +;% lifetime=2d +sub.example.de. IN DNSKEY 256 3 1 BQEAAAABwutYROLC3W5wyq8jZEN7Fjgn2bLMoUAVJoteHeTZgfc11ekm /T+TEsR0L1Eazfc/MP+8X0OzdEl97NGOPtmT9w== diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+55699.published b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+55699.published new file mode 100644 index 0000000..b45db1f --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+001+55699.published @@ -0,0 +1,10 @@ +Private-key-format: v1.2 +Algorithm: 1 (RSA) +Modulus: wutYROLC3W5wyq8jZEN7Fjgn2bLMoUAVJoteHeTZgfc11ekm/T+TEsR0L1Eazfc/MP+8X0OzdEl97NGOPtmT9w== +PublicExponent: AQAAAAE= +PrivateExponent: f7ufWzg6L93T6LUD9P4Enjv0YvfQoIAJwO3OLdaMTuvz7ehqy+FWuAzy4fQwBxr768pDWv/EZqpqPuDIifUCUQ== +Prime1: 50l7b5UFq5ejhH7Y/ZTA03M0JMZiIQDrpJdWL89sn6M= +Prime2: 178TrVx2Of4cF18K9sbgdrbQCL82IotrErwo5YAsb50= +Exponent1: Gs/D3DZdG7gy9INcfyIBH8pOHkcITjxJQbEJotYtp48= +Exponent2: xVkRB61kvgdvwcowk4UnL6FqBPi5p9Jk1AlNteSksMU= +Coefficient: Z9dHWKQ4b7QgZt5kzJNs4gW4iZPvD2pdm31V0jEbPoA= diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+005+40998.key b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+005+40998.key new file mode 100644 index 0000000..9c7c36c --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+005+40998.key @@ -0,0 +1,3 @@ +;% generationtime=20080726221746 +;% lifetime=5d +sub.example.de. IN DNSKEY 257 3 5 BQEAAAABpL4/T8z6mCbTm46Y9+KJOgCAk+dGHBoyg75N1f0lwYSZOLyy yOLWwDxlsfkb5WwvZ1ZG6NFmg/3o5N3Zd7TEkkvHZafRMrzHFicdIMSv jmOWVBR0GsEb+reREu5X0sdZbqOuxT6CkKoTXRpRZgU9ouus6W5bSWQA fdQIegTBBKk= diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+005+40998.private b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+005+40998.private new file mode 100644 index 0000000..3e39f5a --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./Ksub.example.de.+005+40998.private @@ -0,0 +1,10 @@ +Private-key-format: v1.2 +Algorithm: 5 (RSASHA1) +Modulus: pL4/T8z6mCbTm46Y9+KJOgCAk+dGHBoyg75N1f0lwYSZOLyyyOLWwDxlsfkb5WwvZ1ZG6NFmg/3o5N3Zd7TEkkvHZafRMrzHFicdIMSvjmOWVBR0GsEb+reREu5X0sdZbqOuxT6CkKoTXRpRZgU9ouus6W5bSWQAfdQIegTBBKk= +PublicExponent: AQAAAAE= +PrivateExponent: CrFKdhkCOgyF27Jc4GPfo7A6v2q0OgRE2nBdkw7XFUEADEHSVLA6XYUm3AZmAOWxTmrGU8EK+76hfC22DjA6O0BljTNdxLB5cGRL2Dxey603jCIEVt/ahIqyb2STr0pWYEVc3qAKJL93iP4v5r7fJt157sJhQF8F5Zpqj24QvmE= +Prime1: 1EpVvo011F2qgjesKSKplhqtvbmRPjTuhijb7531zIbxDzBF+lXCDyjt3Y/LrWS240t74vbZpo9FUZIETIf/FQ== +Prime2: xqm8Bk18u2WJZ9uUr+/MMPKfh6OgAFqtBwFi81FFJ62kHGL9i8AcychE9tD5IRu74KLCGW+Vk87lyLOF3WU0RQ== +Exponent1: JmLNa+QmMjHVDmAM833bF024/+NIyZgfNSDLnGXxTqYZ3PK/llLHIwBChLMKAQgFvt5PP0id1Nkc9N16xjkuFQ== +Exponent2: rZW7rMmQxQQRHD8TKQTAhCX+31n8jnq7gW9dyVpjY85GDuQe6+3rox6xvsMfUzEOgXk1lgnm46FAIHOH6DhMuQ== +Coefficient: MPoirwMUkLzLWeynO1Izy+lff70hnDnOcZEckS+Sy1TlUkk22uHBF4uNLkgoF26XqeKzK9pG1rCGfccfWTCayQ== diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dlvset-sub.example.de. b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dlvset-sub.example.de. new file mode 100644 index 0000000..c392b9a --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dlvset-sub.example.de. @@ -0,0 +1,2 @@ +sub.example.de.dlv.trusted-keys.net. IN DLV 40998 5 1 1414E9C46F367D787EEF2EC91E1FC66DD087AEAE +sub.example.de.dlv.trusted-keys.net. IN DLV 40998 5 2 6FE53984AB75C31A06778E9944F8CDB4790527D36BBD08CC1E90DA7A E32EEE5F diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dnskey.db b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dnskey.db new file mode 100644 index 0000000..e922c18 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dnskey.db @@ -0,0 +1,35 @@ +; +; !!! Don't edit this file by hand. +; !!! It will be generated by dnssec-signer. +; +; Last generation time Jul 31 2008 13:16:45 +; + +; *** List of Key Signing Keys *** +; sub.example.de. tag=40998 algo=RSASHA1 generated Jul 27 2008 00:17:46 +sub.example.de. 3600 IN DNSKEY 257 3 5 ( + BQEAAAABpL4/T8z6mCbTm46Y9+KJOgCAk+dGHBoyg75N1f0lwYSZOLyy + yOLWwDxlsfkb5WwvZ1ZG6NFmg/3o5N3Zd7TEkkvHZafRMrzHFicdIMSv + jmOWVBR0GsEb+reREu5X0sdZbqOuxT6CkKoTXRpRZgU9ouus6W5bSWQA + fdQIegTBBKk= + ) ; key id = 40998 + +; *** List of Zone Signing Keys *** +; sub.example.de. tag=51977 algo=RSAMD5 generated Jul 29 2008 12:44:04 +sub.example.de. 3600 IN DNSKEY 256 3 1 ( + BQEAAAABrPRVqWxFqCoVRrtQ8XYrbeogdBKBvEus359hPgFqYdGHvR1K + kyl8EhioksP/Tze5cGBHTSFCjIh+lGMPEssJCQ== + ) ; key id = 51977 + +; sub.example.de. tag=19793 algo=RSAMD5 generated Jul 29 2008 12:44:05 +sub.example.de. 3600 IN DNSKEY 256 3 1 ( + BQEAAAABny2+yO3erGn/4hCJyG031zbeZa91KPPsQRfqgx3eNgyaQjfD + 7NTKuAfJjbSTbHnvXF008duYET+UU9+hS01RIw== + ) ; key id = 19793 + +; sub.example.de. tag=55699 algo=RSAMD5 generated Jul 31 2008 13:16:45 +sub.example.de. 3600 IN DNSKEY 256 3 1 ( + BQEAAAABwutYROLC3W5wyq8jZEN7Fjgn2bLMoUAVJoteHeTZgfc11ekm + /T+TEsR0L1Eazfc/MP+8X0OzdEl97NGOPtmT9w== + ) ; key id = 55699 + diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dnssec.conf b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dnssec.conf new file mode 100644 index 0000000..d7d33ca --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dnssec.conf @@ -0,0 +1,17 @@ +## +## dnssec-zkt v0.4 (c) Jan 2005 hoz hznet de ## +## + +resigninterval 36h +sigvalidity 2d +max_ttl 90s + +ksk_lifetime 5d +ksk_algo RSASHA1 +ksk_bits 1024 + +zsk_lifetime 2d +zsk_algo RSAMD5 +zsk_bits 512 + +dlv_domain "dlv.trusted-keys.net" diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dsset-sub.example.de. b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dsset-sub.example.de. new file mode 100644 index 0000000..b8ec77b --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./dsset-sub.example.de. @@ -0,0 +1,2 @@ +sub.example.de. IN DS 40998 5 1 1414E9C46F367D787EEF2EC91E1FC66DD087AEAE +sub.example.de. IN DS 40998 5 2 6FE53984AB75C31A06778E9944F8CDB4790527D36BBD08CC1E90DA7A E32EEE5F diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./keyset-sub.example.de. b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./keyset-sub.example.de. new file mode 100644 index 0000000..04ed33a --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./keyset-sub.example.de. @@ -0,0 +1,8 @@ +$ORIGIN . +sub.example.de 7200 IN DNSKEY 257 3 5 ( + BQEAAAABpL4/T8z6mCbTm46Y9+KJOgCAk+dG + HBoyg75N1f0lwYSZOLyyyOLWwDxlsfkb5Wwv + Z1ZG6NFmg/3o5N3Zd7TEkkvHZafRMrzHFicd + IMSvjmOWVBR0GsEb+reREu5X0sdZbqOuxT6C + kKoTXRpRZgU9ouus6W5bSWQAfdQIegTBBKk= + ) ; key id = 40998 diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./zone.db b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./zone.db new file mode 100644 index 0000000..05489a4 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./zone.db @@ -0,0 +1,25 @@ +;----------------------------------------------------------------- +; +; @(#) sub.example.de/zone.db +; +;----------------------------------------------------------------- + +$TTL 7200 + +@ IN SOA ns1.example.de. hostmaster.example.de. ( + 2008073101; Serial (up to 10 digits) + 86400 ; Refresh (RIPE recommendation if NOTIFY is used) + 1800 ; Retry + 2W ; Expire + 7200 ) ; Minimum + + + IN NS ns1.example.de. + +$INCLUDE dnskey.db + +localhost IN A 127.0.0.1 + +a IN A 1.2.3.4 +b IN A 1.2.3.5 +c IN A 1.2.3.6 diff --git a/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./zone.db.signed b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./zone.db.signed new file mode 100644 index 0000000..d607de5 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./sub.example.de./zone.db.signed @@ -0,0 +1,108 @@ +; File written on Thu Jul 31 13:16:45 2008 +; dnssec_signzone version 9.5.1b1 +sub.example.de. 7200 IN SOA ns1.example.de. hostmaster.example.de. ( + 2008073101 ; serial + 86400 ; refresh (1 day) + 1800 ; retry (30 minutes) + 1209600 ; expire (2 weeks) + 7200 ; minimum (2 hours) + ) + 7200 RRSIG SOA 1 3 7200 20080802100259 ( + 20080731101645 19793 sub.example.de. + d/lRqmf+AWENEHoKbG+ABspEFH0UEHsyue0o + DPPUzkAw/gZcHcwoCuf4AsbUYHz1HKyHjeUz + g2+AsH8mPZKGvg== ) + 7200 NS ns1.example.de. + 7200 RRSIG NS 1 3 7200 20080802095409 ( + 20080731101645 19793 sub.example.de. + VoXeajFhxMQjwVXspcxBN/lfM1R6hc1fIVdV + HjWlw0RSeCL7fBOY54HOIWcu6jHegMrjuB9y + KTOgEwv3r8kOiw== ) + 7200 NSEC a.sub.example.de. NS SOA RRSIG NSEC DNSKEY + 7200 RRSIG NSEC 1 3 7200 20080802095639 ( + 20080731101645 19793 sub.example.de. + cmhtmISCv2bbpBkgwyMuKNnlrNsJ3GViYUxT + lhQ8ASHjNH74mIuenBIGy+w3RxyDzoMk1w6Y + J0qpEvDF3FNvRQ== ) + 3600 DNSKEY 256 3 1 ( + BQEAAAABny2+yO3erGn/4hCJyG031zbeZa91 + KPPsQRfqgx3eNgyaQjfD7NTKuAfJjbSTbHnv + XF008duYET+UU9+hS01RIw== + ) ; key id = 19793 + 3600 DNSKEY 256 3 1 ( + BQEAAAABrPRVqWxFqCoVRrtQ8XYrbeogdBKB + vEus359hPgFqYdGHvR1Kkyl8EhioksP/Tze5 + cGBHTSFCjIh+lGMPEssJCQ== + ) ; key id = 51977 + 3600 DNSKEY 256 3 1 ( + BQEAAAABwutYROLC3W5wyq8jZEN7Fjgn2bLM + oUAVJoteHeTZgfc11ekm/T+TEsR0L1Eazfc/ + MP+8X0OzdEl97NGOPtmT9w== + ) ; key id = 55699 + 3600 DNSKEY 257 3 5 ( + BQEAAAABpL4/T8z6mCbTm46Y9+KJOgCAk+dG + HBoyg75N1f0lwYSZOLyyyOLWwDxlsfkb5Wwv + Z1ZG6NFmg/3o5N3Zd7TEkkvHZafRMrzHFicd + IMSvjmOWVBR0GsEb+reREu5X0sdZbqOuxT6C + kKoTXRpRZgU9ouus6W5bSWQAfdQIegTBBKk= + ) ; key id = 40998 + 3600 RRSIG DNSKEY 1 3 3600 20080802100935 ( + 20080731101645 19793 sub.example.de. + WU1UIuqpuCLRe/46p4u2eqEvKrfsBvKpzKmx + TLG2AX+AOxWhRH5CqZ1zDiKUd+Xu6ekGxB/g + ZOu0rsPqvux2PA== ) + 3600 RRSIG DNSKEY 5 3 3600 20080802100334 ( + 20080731101645 40998 sub.example.de. + WW23Oq06HTSt5R/4Ds/nOl1n0Egsbf4bztB8 + MZQAv6khorlDzmy3B4WPG1f79yuc26Zb6/Z9 + QxNH0s68kp3X/eBR7FTEfHehsKaoRtaxldhz + V0VjOKI2iu4mhA6n/P0bAEhfxFxxde5tymP/ + Od6//GN4UmNi9LCwWtLbGnF4Gpc= ) +a.sub.example.de. 7200 IN A 1.2.3.4 + 7200 RRSIG A 1 4 7200 20080802095159 ( + 20080731101645 19793 sub.example.de. + LxVthdAkEiBec6khr63+rufhSwtByBNvff8e + HEG/m+yusTBVqVoUp987aabxqaeW5v6f4GaB + 4iK4mspVH4Md7A== ) + 7200 NSEC b.sub.example.de. A RRSIG NSEC + 7200 RRSIG NSEC 1 4 7200 20080802100843 ( + 20080731101645 19793 sub.example.de. + HEqR2LChtQD2AeGCBhCsCemP3kjwAGi3RIXu + UpklHVo44Yu+JINnO/jxZ61CtlvBaZ25dpjt + 4ldl+d6z3bs4pQ== ) +b.sub.example.de. 7200 IN A 1.2.3.5 + 7200 RRSIG A 1 4 7200 20080802095415 ( + 20080731101645 19793 sub.example.de. + eLTaD1maS++Py3rybVftMtz0V8QnJenAH6tQ + PIcoZElIaLt8DGfwJYPmIPJlhwNlyqJH7d2A + SDEWBEFsFCnMkg== ) + 7200 NSEC c.sub.example.de. A RRSIG NSEC + 7200 RRSIG NSEC 1 4 7200 20080802094836 ( + 20080731101645 19793 sub.example.de. + nHvo1ValqHljlwCiPI51hdl0lnd5WiDIHbo7 + MMxxZrYLNAP9ECK5DCzht9UrEGgIpI/MAvsU + 7S7eIlt0jBSehg== ) +c.sub.example.de. 7200 IN A 1.2.3.6 + 7200 RRSIG A 1 4 7200 20080802095037 ( + 20080731101645 19793 sub.example.de. + eVluthAz6YLAJWSaroRGuf5IsjhHoLz60Ot9 + 1KTnw9zAFU16H6vuQ/TIH7ZzHOT0CgdwawF5 + V0L4MAkK76H00w== ) + 7200 NSEC localhost.sub.example.de. A RRSIG NSEC + 7200 RRSIG NSEC 1 4 7200 20080802100135 ( + 20080731101645 19793 sub.example.de. + KRTIiVJPkQayfB8k6sIWyZPm6fqQAZbs8BQ4 + jz/EGrHj3oFPRULUpLMKUdLFAp0kU0qRqCwl + Ull//CFV9J272A== ) +localhost.sub.example.de. 7200 IN A 127.0.0.1 + 7200 RRSIG A 1 4 7200 20080802095833 ( + 20080731101645 19793 sub.example.de. + fXGLRIRCvK/Q9D+dQTia3HUe1xlVBwBL1vcY + wRWdvNQgXQnOkpGtcb9fjKXkPz34SirmyESh + 8kYWUvV1kghBzA== ) + 7200 NSEC sub.example.de. A RRSIG NSEC + 7200 RRSIG NSEC 1 4 7200 20080802101452 ( + 20080731101645 19793 sub.example.de. + EqI9jcbxtroVBCVrCLWezzcxNvwm2xl/1nCt + 6Nogs3WvBPpMExUX2tWvpJMV14vpFSW2qWQK + UoFq9NHsH2WSDw== ) diff --git a/contrib/zkt/examples/hierarchical/de./example.de./zone.db b/contrib/zkt/examples/hierarchical/de./example.de./zone.db new file mode 100644 index 0000000..c485181 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./zone.db @@ -0,0 +1,37 @@ +;----------------------------------------------------------------- +; +; @(#) example.de/zone.db +; +;----------------------------------------------------------------- + +$TTL 7200 + +; Be sure that the serial number below is left +; justified in a field of at least 10 chars!! +; 0123456789; +; It's also possible to use the date form e.g. 2005040101 +@ IN SOA ns1.example.de. hostmaster.example.de. ( + 258 ; Serial + 43200 ; Refresh + 1800 ; Retry + 2W ; Expire + 7200 ) ; Minimum + + IN NS ns1.example.de. + IN NS ns2.example.de. + +ns1 IN A 1.0.0.5 + IN AAAA 2001:db8::53 +ns2 IN A 1.2.0.6 + +localhost IN A 127.0.0.1 + +; Delegation to secure zone; The DS resource record will +; be added by dnssec-signzone automatically if the +; keyset-sub.example.de file is present (run dnssec-signzone +; with option -g or use the dnssec-signer tool) ;-) +sub IN NS ns1.example.de. + +; this file will have all the zone keys +$INCLUDE dnskey.db + diff --git a/contrib/zkt/examples/hierarchical/de./example.de./zone.db.signed b/contrib/zkt/examples/hierarchical/de./example.de./zone.db.signed new file mode 100644 index 0000000..4b9b3dc --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./example.de./zone.db.signed @@ -0,0 +1,147 @@ +; File written on Tue Jul 29 12:44:06 2008 +; dnssec_signzone version 9.5.1b1 +example.de. 7200 IN SOA ns1.example.de. hostmaster.example.de. ( + 258 ; serial + 43200 ; refresh (12 hours) + 1800 ; retry (30 minutes) + 1209600 ; expire (2 weeks) + 7200 ; minimum (2 hours) + ) + 7200 RRSIG SOA 5 2 7200 20080808092956 ( + 20080729094406 35672 example.de. + UufM9vATUwvqXJjvgt9WGAytmMhd7Pz/3DK0 + 6a9uReXHcU4NcO0BhTP9chwXAQC5pI2ucRxs + /4p/Vc/L91wUMA== ) + 7200 NS ns1.example.de. + 7200 NS ns2.example.de. + 7200 RRSIG NS 5 2 7200 20080808091515 ( + 20080729094406 35672 example.de. + hpHATL81t7GASSKPPBuheQqBqXU688itETkN + QYfy/OwcE/7g+LvS1oHEBRds6neRkXxUpDa1 + hsdbbCDo6UuHSg== ) + 7200 NSEC localhost.example.de. NS SOA RRSIG NSEC DNSKEY + 7200 RRSIG NSEC 5 2 7200 20080808092007 ( + 20080729094406 35672 example.de. + aN9cYobVe+qJ5Gw0GPMQI3V7vPQaF7cBuX6T + +yWZ/TAHhKcJYqbwOQH2XQar2s+JwckEMSdI + HFPySUOtQaNNxA== ) + 3600 DNSKEY 256 3 5 ( + BQEAAAABnRJdmY7dzRKi93pVkLToV5FK4Ffm + 8YnY0c6IHKcAmb5t8FLvpNijniIclCPXTpfi + o+HNa59a4UA8jTdJb+kT0w== + ) ; key id = 35672 + 3600 DNSKEY 256 3 5 ( + BQEAAAAByN2rMrazHwh+sNOv8cBef3HUotAQ + TS9QW4Y5NjNuyYNraJBAOqV8KSaGQqIhkh0Z + D0oIm2h0JowdyERZVj6ZZQ== + ) ; key id = 11867 + 3600 DNSKEY 257 3 5 ( + BQEAAAABDfaBERX9p+FUi1OXYVig7zLCQFZo + RYpwDDuLzBcC7k+G1+wWdftyA1vBm5HMpyq0 + OifT0Hsez4+H+0CIWHZP8oPCYfKrq+wM2EgM + zDDOYv+O1TQU4i3G+iONxB1RAwH/J2lA+U0z + Cbrdf0KLq/enNquchhPw4gCX0RB9HC+TkpoP + f2u7aKFcjlpw4C4uhDl1s6FpfdXe6NQWW6c+ + ONUcLAEt+w== + ) ; key id = 59244 + 3600 DNSKEY 257 3 5 ( + BQEAAAABDrm5aXRPuZOmwT4nINnY2qXyXWLt + utggFAJgBW5Ua7uzAR+7r/DcOE7IfjnT5FQh + bYXIuKy61uOEqPu1TYvDsGb1pseKSB4J0jmX + DU9Ntu9TDp6X6ZXE11+cFdATa4TPnsAUMSxV + kLZanrbyACmcNr1gjT3dz6qIVBVPb5OnUldn + dbgtlOX3wcE0aR/MIsIjz1UQl/QoxbVclZVO + UNdJQGb9zQ== + ) ; key id = 41145 + 3600 DNSKEY 385 3 5 ( + BQEAAAABCyg92L7v21N3lc/gR07/2iLmvt6d + Un1KKauLvmkRuT040XT+Rd3Iq20iq6BqVPsP + S+hCOTRA3xikTIn5YzmPLPutIRtjIodHhsrM + L4D9Pp1dzgEDKWLam96v+E7KC0GGH/BI6/We + lqeqjS5BjI4Gjv4roaTyDCi63oXwcMFDVwrS + jws4A/5AGANka41Aky+UCGse6+64YmNP/QkS + XDAeBZqwrw== + ) ; key id = 17567 + 3600 RRSIG DNSKEY 5 2 3600 20080808092214 ( + 20080729094406 41145 example.de. + BMVp5vW7MgvrhoGfqQhdwGg1mBHNw4xnI+YX + XMYqOAMMRmFg7G6Vn+UcFmUoL1AdUKIdXPp7 + t30UREHQspELWmnLVdJ36HRmzk1eNgwLFuUM + l+Lr+KeoufJ2QlF4TWeItozv0pgmkxaOr0Im + fzRmWKs84rwautwY+R/b5wrCMfZt96/JPGA0 + 4JWDls1wJ7iR0LtiJxe7mvtNRZ5krPFKXBRz + nA== ) + 3600 RRSIG DNSKEY 5 2 3600 20080808092411 ( + 20080729094406 17567 example.de. + BmHQcJsmGmt7HZHqWPAHQuelDrWXASUy7tgc + W4RVIed4voZiHyvxfTPR3cldIWpdP2RqxMm8 + Dj5hlYRqnVt3phSSnwpczcPkfQD4meTqK0DJ + kpX/mBCMHedfvATKf82A9wri13/Zi97N6sTK + 4VZZIWaUH/YDYyMwxgK70+jU0m2N8Iebm3s6 + RshTMxAZjiSH29mgow/HSHtf+cnaTUGAr83P + ug== ) + 3600 RRSIG DNSKEY 5 2 3600 20080808093317 ( + 20080729094406 35672 example.de. + Q5UnfDMbzApCl/wOy9IDna25UVvjKhuV/dos + hFKPUArM4wDx9kJU5tc1Eatwh4MAXPM81kNW + 6DbiKMXJpO7biQ== ) +localhost.example.de. 7200 IN A 127.0.0.1 + 7200 RRSIG A 5 3 7200 20080808092724 ( + 20080729094406 35672 example.de. + JW8ScAtavvTR0fHI/ZDZTgARHSXM/QcLT+w6 + dl6kaeR/9JqxTKpKnH6mtYYdfqom4siJnZCI + D66sltGHW/er+Q== ) + 7200 NSEC ns1.example.de. A RRSIG NSEC + 7200 RRSIG NSEC 5 3 7200 20080808094047 ( + 20080729094406 35672 example.de. + XsTqHahVRcPPyrdffkdyBj0BFlTx2vkmfrvY + IIQcaNiUxrgZfyDBQ1GZbL4tDGK/ujValdz9 + s2s+6ISxxobC3A== ) +ns1.example.de. 7200 IN A 1.0.0.5 + 7200 RRSIG A 5 3 7200 20080808091743 ( + 20080729094406 35672 example.de. + ljYOmOC9r3RlsohXrHt40sIQuF98JSkRSFHb + xKlcToqEVSgxAKkMlwPKBQPaHtRdQhIVkxly + OpCYxAQSguB/MA== ) + 7200 AAAA 2001:db8::53 + 7200 RRSIG AAAA 5 3 7200 20080808094144 ( + 20080729094406 35672 example.de. + nNchBWvoPtgRNxaz9bmFwvv/KtgloYq1SGti + 59yQFFm6ixY0p0l0d+U5nnwgI1iS5h0JGYqI + 0mOu0mNbxtt9gQ== ) + 7200 NSEC ns2.example.de. A AAAA RRSIG NSEC + 7200 RRSIG NSEC 5 3 7200 20080808092537 ( + 20080729094406 35672 example.de. + MgnxPyKHMqQXnmfjh5ffr0FRvgRyl7D56phx + xKzTquSXDECP5ORpDxvybixbvHvM8R59LjYH + 1OZ3fi+/kWVAJg== ) +ns2.example.de. 7200 IN A 1.2.0.6 + 7200 RRSIG A 5 3 7200 20080808091624 ( + 20080729094406 35672 example.de. + MkrwvOLYJQvoNFNeqtLOOmDnVFY0n7qdTOUL + Ia2stlfOn7r/7f4lKQTE5UMM+SBN2iizV4qc + SFFUxREAI5UGkQ== ) + 7200 NSEC sub.example.de. A RRSIG NSEC + 7200 RRSIG NSEC 5 3 7200 20080808094337 ( + 20080729094406 35672 example.de. + QE8DYRraVloZVQi2RTpYwxEY1P0u3ovHgC58 + AR1NiLtbQ0YCsPJZeIhVSXbdd8qLZzb5gsJ2 + 9AU6m1TfAa5WSw== ) +sub.example.de. 7200 IN NS ns1.example.de. + 7200 DS 40998 5 1 ( + 1414E9C46F367D787EEF2EC91E1FC66DD087 + AEAE ) + 7200 DS 40998 5 2 ( + 6FE53984AB75C31A06778E9944F8CDB47905 + 27D36BBD08CC1E90DA7AE32EEE5F ) + 7200 RRSIG DS 5 3 7200 20080808092142 ( + 20080729094406 35672 example.de. + cdyXeVNOD5TBuab8JFkwcf4GiS2n9F4tgct/ + ZedULbikEqO0CyJddPW3wSsNAZeP2tgXJNI8 + H6SutDh0IiR5MA== ) + 7200 NSEC example.de. NS DS RRSIG NSEC + 7200 RRSIG NSEC 5 3 7200 20080808091754 ( + 20080729094406 35672 example.de. + jkvn4NznbaH8S5PeWkPf/cHaq19kNav8Y78E + 3GVQHD3ApcDAMs8gImjRrJMT1lqSB7yCu/5f + k3CPfTs/+p/8Og== ) diff --git a/contrib/zkt/examples/hierarchical/de./keyset-example.de. b/contrib/zkt/examples/hierarchical/de./keyset-example.de. new file mode 100644 index 0000000..2b40c68 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/de./keyset-example.de. @@ -0,0 +1,28 @@ +$ORIGIN . +example.de 7200 IN DNSKEY 257 3 5 ( + BQEAAAABDfaBERX9p+FUi1OXYVig7zLCQFZo + RYpwDDuLzBcC7k+G1+wWdftyA1vBm5HMpyq0 + OifT0Hsez4+H+0CIWHZP8oPCYfKrq+wM2EgM + zDDOYv+O1TQU4i3G+iONxB1RAwH/J2lA+U0z + Cbrdf0KLq/enNquchhPw4gCX0RB9HC+TkpoP + f2u7aKFcjlpw4C4uhDl1s6FpfdXe6NQWW6c+ + ONUcLAEt+w== + ) ; key id = 59244 + 7200 IN DNSKEY 257 3 5 ( + BQEAAAABDrm5aXRPuZOmwT4nINnY2qXyXWLt + utggFAJgBW5Ua7uzAR+7r/DcOE7IfjnT5FQh + bYXIuKy61uOEqPu1TYvDsGb1pseKSB4J0jmX + DU9Ntu9TDp6X6ZXE11+cFdATa4TPnsAUMSxV + kLZanrbyACmcNr1gjT3dz6qIVBVPb5OnUldn + dbgtlOX3wcE0aR/MIsIjz1UQl/QoxbVclZVO + UNdJQGb9zQ== + ) ; key id = 41145 + 7200 IN DNSKEY 385 3 5 ( + BQEAAAABCyg92L7v21N3lc/gR07/2iLmvt6d + Un1KKauLvmkRuT040XT+Rd3Iq20iq6BqVPsP + S+hCOTRA3xikTIn5YzmPLPutIRtjIodHhsrM + L4D9Pp1dzgEDKWLam96v+E7KC0GGH/BI6/We + lqeqjS5BjI4Gjv4roaTyDCi63oXwcMFDVwrS + jws4A/5AGANka41Aky+UCGse6+64YmNP/QkS + XDAeBZqwrw== + ) ; key id = 17567 diff --git a/contrib/zkt/examples/hierarchical/dnssec.conf b/contrib/zkt/examples/hierarchical/dnssec.conf new file mode 100644 index 0000000..12da654 --- /dev/null +++ b/contrib/zkt/examples/hierarchical/dnssec.conf @@ -0,0 +1,40 @@ +# +# @(#) dnssec.conf vT0.96 (c) Feb 2005 - May 2008 Holger Zuleger hznet.de +# + +# dnssec-zkt options +Zonedir: "." +Recursive: True +PrintTime: False +PrintAge: True +LeftJustify: False + +# zone specific values +ResignInterval: 1w # (604800 seconds) +Sigvalidity: 10d # (864000 seconds) +Max_TTL: 6h # (21600 seconds) +Propagation: 5m # (300 seconds) +KEY_TTL: 1h # (3600 seconds) +Serialformat: incremental + +# signing key parameters +KSK_lifetime: 20d # (1728000 seconds) +KSK_algo: RSASHA1 # (Algorithm ID 5) +KSK_bits: 1300 +KSK_randfile: "/dev/urandom" +ZSK_lifetime: 4w # (2419200 seconds) +ZSK_algo: RSASHA1 # (Algorithm ID 5) +ZSK_bits: 512 +ZSK_randfile: "/dev/urandom" + +# dnssec-signer options +LogFile: "log" +LogLevel: "info" +SyslogFacility: "user" +SyslogLevel: "notice" +Keyfile: "dnskey.db" +Zonefile: "zone.db" +KeySetDir: ".." +DLV_Domain: "" +Sig_Pseudorand: True +Sig_Parameter: "-j 1800" diff --git a/contrib/zkt/examples/hierarchical/named.conf b/contrib/zkt/examples/hierarchical/named.conf new file mode 100644 index 0000000..8bd3f9d --- /dev/null +++ b/contrib/zkt/examples/hierarchical/named.conf @@ -0,0 +1,102 @@ +/***************************************************************** +** +** #(@) named.conf (c) 6. May 2004 (hoz) +** +*****************************************************************/ + +/***************************************************************** +** logging options +*****************************************************************/ +logging { + channel "named-log" { + file "/var/log/named" versions 3 size 2m; + print-time yes; + print-category yes; + print-severity yes; + severity info; + }; + channel "resolver-log" { + file "/var/log/named"; + print-time yes; + print-category yes; + print-severity yes; + severity debug 1; + }; + channel "dnssec-log" { +# file "/var/log/named-dnssec" ; + file "/var/log/named" ; + print-time yes; + print-category yes; + print-severity yes; + severity debug 3; + }; + category "dnssec" { "dnssec-log"; }; + category "default" { "named-log"; }; + category "resolver" { "resolver-log"; }; + category "client" { "resolver-log"; }; + category "queries" { "resolver-log"; }; +}; + +/***************************************************************** +** name server options +*****************************************************************/ +options { + directory "."; + + dump-file "/var/log/named_dump.db"; + statistics-file "/var/log/named.stats"; + + listen-on-v6 { any; }; + + query-source address * port 53; + transfer-source * port 53; + notify-source * port 53; + + recursion yes; + dnssec-enable yes; + edns-udp-size 4096; + +# dnssec-lookaside "." trust-anchor "trusted-keys.de."; + + querylog yes; + +}; + +/***************************************************************** +** include shared secrets... +*****************************************************************/ +/** for control sessions ... **/ +# include "rndc.key"; +controls { + inet 127.0.0.1 + allow { localhost; } + keys { "rndc-key"; }; + inet ::1 + allow { localhost; } + keys { "rndc-key"; }; +}; + +/***************************************************************** +** ... and trusted_keys +*****************************************************************/ +# include "trusted-keys.conf" ; + +/***************************************************************** +** root server hints and required 127 stuff +*****************************************************************/ +zone "." in { + type hint; + file "root.hint"; +}; + +zone "localhost" in { + type master; + file "localhost.zone"; +}; + +zone "0.0.127.in-addr.arpa" in { + type master; + file "127.0.0.zone"; +}; + +include "zone.conf"; diff --git a/contrib/zkt/examples/hierarchical/zone.conf b/contrib/zkt/examples/hierarchical/zone.conf new file mode 100644 index 0000000..6944d5a --- /dev/null +++ b/contrib/zkt/examples/hierarchical/zone.conf @@ -0,0 +1,10 @@ + +zone "example.de." in { + type master; + file "de./example.de./zone.db.signed"; +}; + +zone "sub.example.de." in { + type master; + file "de./example.de./sub.example.de./zone.db.signed"; +}; -- cgit