contrib/zkt/examples/flat/dnssec.conf

   1 #
   2 #       @(#) dnssec.conf vT0.99a (c) Feb 2005 - Jul 2009 Holger Zuleger hznet.de
   3 #
   4
   5 #   dnssec-zkt options
   6 Zonedir:        "."
   7 Recursive:      True
   8 PrintTime:      False
   9 PrintAge:       True
  10 LeftJustify:    False
  11
  12 #   zone specific values
  13 ResignInterval: 2d      # (172800 seconds)
  14 Sigvalidity:    6d      # (518400 seconds)
  15 Max_TTL:        8h      # (28800 seconds)
  16 Propagation:    5m      # (300 seconds)
  17 KEY_TTL:        1h      # (3600 seconds)
  18 Serialformat:   incremental
  19
  20 #   signing key parameters
  21 Key_algo:       RSASHA1 # (Algorithm ID 5)
  22 KSK_lifetime:   60d     # (5184000 seconds)
  23 KSK_bits:       1300
  24 KSK_randfile:   "/dev/urandom"
  25 ZSK_lifetime:   2w      # (1209600 seconds)
  26 ZSK_bits:       512
  27 ZSK_randfile:   "/dev/urandom"
  28 SaltBits:       24
  29
  30 #   dnssec-signer options
  31 LogFile:        "zkt.log"
  32 LogLevel:       DEBUG
  33 SyslogFacility: USER
  34 SyslogLevel:    NOTICE
  35 VerboseLog:     2
  36 Keyfile:        "dnskey.db"
  37 Zonefile:       "zone.db"
  38 KeySetDir:      "../keysets"
  39 DLV_Domain:     ""
  40 Sig_Pseudorand: True
  41 Sig_GenerateDS: True
  42 Sig_Parameter:  "-n 1"
  43 Distribute_Cmd: "./dist.sh"