mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 22:45:39 +00:00
Code Issues Releases Wiki Activity

Merge branch 'mr1106-remove-some-more-algorithm-references-master' into 'master'

Browse Source 
(master) Mr1106 remove some more algorithm references

See merge request isc-projects/bind9!1192
This commit is contained in:
Ondřej Surý
2018-12-06 09:39:41 -05:00
parent 1cf2f7d077 0737079824
commit 6f11f90ef4
3 changed files with 11 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bin/dnssec/dnssec-dsfromkey.c
View File

@@ -330,7 +330,7 @@ usage(void) {
fprintf(stderr, " -K <directory>: directory in which to find " fprintf(stderr, " -K <directory>: directory in which to find "
"key file or keyset file\n"); "key file or keyset file\n");
fprintf(stderr, " -a algorithm: digest algorithm " fprintf(stderr, " -a algorithm: digest algorithm "
"(SHA-1, SHA-256, GOST or SHA-384)\n"); "(SHA-1, SHA-256 or SHA-384)\n");
fprintf(stderr, " -1: use SHA-1\n"); fprintf(stderr, " -1: use SHA-1\n");
fprintf(stderr, " -2: use SHA-256\n"); fprintf(stderr, " -2: use SHA-256\n");
fprintf(stderr, " -C: print CDS record\n"); fprintf(stderr, " -C: print CDS record\n");

10
bin/dnssec/dnssec-keygen.docbook
View File

@@ -605,22 +605,22 @@
<refsection><info><title>EXAMPLE</title></info> <refsection><info><title>EXAMPLE</title></info>
<para> <para>
To generate a 768-bit DSA key for the domain To generate an ECDSAP256SHA256 key for the domain
<userinput>example.com</userinput>, the following command would be <userinput>example.com</userinput>, the following command would be
issued: issued:
</para> </para>
<para><userinput>dnssec-keygen -a DSA -b 768 -n ZONE example.com</userinput> <para><userinput>dnssec-keygen -a ECDSAP256SHA256 -n ZONE example.com</userinput>
</para> </para>
<para> <para>
The command would print a string of the form: The command would print a string of the form:
</para> </para>
<para><userinput>Kexample.com.+003+26160</userinput> <para><userinput>Kexample.com.+013+26160</userinput>
</para> </para>
<para> <para>
In this example, <command>dnssec-keygen</command> creates In this example, <command>dnssec-keygen</command> creates
the files <filename>Kexample.com.+003+26160.key</filename> the files <filename>Kexample.com.+013+26160.key</filename>
and and
<filename>Kexample.com.+003+26160.private</filename>. <filename>Kexample.com.+013+26160.private</filename>.
</para> </para>
</refsection> </refsection>

9
bin/dnssec/dnssec-signzone.docbook
View File

@@ -787,15 +787,16 @@
<para> <para>
The following command signs the <userinput>example.com</userinput> The following command signs the <userinput>example.com</userinput>
zone with the DSA key generated by <command>dnssec-keygen</command> zone with the ECDSAP256SHA256 key generated by key generated by
(Kexample.com.+003+17247). Because the <command>-S</command> option <command>dnssec-keygen</command> (Kexample.com.+013+17247).
is not being used, the zone's keys must be in the master file Because the <command>-S</command> option is not being used,
the zone's keys must be in the master file
(<filename>db.example.com</filename>). This invocation looks (<filename>db.example.com</filename>). This invocation looks
for <filename>dsset</filename> files, in the current directory, for <filename>dsset</filename> files, in the current directory,
so that DS records can be imported from them (<command>-g</command>). so that DS records can be imported from them (<command>-g</command>).
</para> </para>
<programlisting>% dnssec-signzone -g -o example.com db.example.com \ <programlisting>% dnssec-signzone -g -o example.com db.example.com \
Kexample.com.+003+17247 Kexample.com.+013+17247
db.example.com.signed db.example.com.signed
%</programlisting> %</programlisting>
<para> <para>