mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 05:57:52 +00:00
Code Issues Releases Wiki Activity

Clarify dnssec-keyfromlabel -a in man page

Browse Source
This commit is contained in:
Petr Špaček 2022-06-09 14:48:53 +02:00
parent e93c2e9a0f
commit 5f53003dae
No known key found for this signature in database
GPG Key ID: ABD587CDF06581AE
2 changed files with 8 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
bin/dnssec/dnssec-keyfromlabel.rst
View File

@ -45,20 +45,16 @@ Options
be one of RSASHA1, NSEC3RSASHA1, RSASHA256, RSASHA512,
ECDSAP256SHA256, ECDSAP384SHA384, ED25519, or ED448.
If no algorithm is specified, RSASHA1 is used by default
unless the :option:`-3` option is specified, in which case NSEC3RSASHA1
is used instead. (If :option:`-3` is used and an algorithm is
specified, that algorithm is checked for compatibility with
NSEC3.)
These values are case-insensitive. In some cases, abbreviations are
supported, such as ECDSA256 for ECDSAP256SHA256 and ECDSA384 for
ECDSAP384SHA384. If RSASHA1 is specified along with the :option:`-3`
option, then NSEC3RSASHA1 is used instead.
Since BIND 9.12.0, this option is mandatory except when using the
This option is mandatory except when using the
:option:`-S` option, which copies the algorithm from the predecessory key.
Previously, the default for newly generated keys was RSASHA1.
.. versionchanged:: 9.12.0
The default value RSASHA1 for newly generated keys was removed.
.. option:: -3

12
doc/man/dnssec-keyfromlabel.1in
View File

@ -52,20 +52,16 @@ This option selects the cryptographic algorithm. The value of \fBalgorithm\fP mu
be one of RSASHA1, NSEC3RSASHA1, RSASHA256, RSASHA512,
ECDSAP256SHA256, ECDSAP384SHA384, ED25519, or ED448.
.sp
If no algorithm is specified, RSASHA1 is used by default
unless the \fI\%\-3\fP option is specified, in which case NSEC3RSASHA1
is used instead. (If \fI\%\-3\fP is used and an algorithm is
specified, that algorithm is checked for compatibility with
NSEC3.)
.sp
These values are case\-insensitive. In some cases, abbreviations are
supported, such as ECDSA256 for ECDSAP256SHA256 and ECDSA384 for
ECDSAP384SHA384. If RSASHA1 is specified along with the \fI\%\-3\fP
option, then NSEC3RSASHA1 is used instead.
.sp
Since BIND 9.12.0, this option is mandatory except when using the
This option is mandatory except when using the
\fI\%\-S\fP option, which copies the algorithm from the predecessory key.
Previously, the default for newly generated keys was RSASHA1.
.sp
Changed in version 9.12.0: The default value RSASHA1 for newly generated keys was removed.
.UNINDENT
.INDENT 0.0
.TP