#   
#   	@(#) dnssec.conf vT0.96 (c) Feb 2005 - May 2008 Holger Zuleger hznet.de
#   

#   dnssec-zkt options
Zonedir:	"intern"
Recursive:	True
PrintTime:	False
PrintAge:	True
LeftJustify:	False

#   zone specific values
ResignInterval:	5h	# (18000 seconds)
Sigvalidity:	1d	# (86400 seconds)
Max_TTL:	30m	# (1800 seconds)
Propagation:	1m	# (60 seconds)
KEY_TTL:	30m	# (1800 seconds)
Serialformat:	unixtime

#   signing key parameters
KSK_lifetime:	1y	# (31536000 seconds)
KSK_algo:	RSASHA1	# (Algorithm ID 5)
KSK_bits:	1300
KSK_randfile:	"/dev/urandom"
ZSK_lifetime:	30d	# (2592000 seconds)
ZSK_algo:	RSASHA1	# (Algorithm ID 5)
ZSK_bits:	512
ZSK_randfile:	"/dev/urandom"

#   dnssec-signer options
LogFile:	"zkt-int.log"
LogLevel:	"debug"
SyslogFacility:	"none"
SyslogLevel:	"notice"
VerboseLog:	2
Keyfile:	"dnskey.db"
Zonefile:	"zone.db"
DLV_Domain:	""
Sig_Pseudorand:	True