missing files

[tridge/bind9.git] / contrib / zkt / examples / dnssec.conf

diff --git a/contrib/zkt/examples/dnssec.conf b/contrib/zkt/examples/dnssec.conf
new file mode 100644 (file)
index 0000000..861e8f0
--- /dev/null
+++ b/contrib/zkt/examples/dnssec.conf
@@ -0,0 +1,41 @@
+#   
+#      @(#) dnssec.conf vT0.99d (c) Feb 2005 - Aug 2009 Holger Zuleger hznet.de
+#   
+
+#   dnssec-zkt options
+Zonedir:       "."
+Recursive:     False
+PrintTime:     True
+PrintAge:      False
+LeftJustify:   False
+
+#   zone specific values
+ResignInterval:        1w      # (604800 seconds)
+Sigvalidity:   10d     # (864000 seconds)
+Max_TTL:       8h      # (28800 seconds)
+Propagation:   5m      # (300 seconds)
+KEY_TTL:       4h      # (14400 seconds)
+Serialformat:  incremental
+
+#   signing key parameters
+Key_algo:      RSASHA1 # (Algorithm ID 5)
+KSK_lifetime:  1y      # (31536000 seconds)
+KSK_bits:      1300
+KSK_randfile:  "/dev/urandom"
+ZSK_lifetime:  12w     # (7257600 seconds)
+ZSK_bits:      512
+ZSK_randfile:  "/dev/urandom"
+SaltBits:      24
+
+#   dnssec-signer options
+LogFile:       ""
+LogLevel:      ERROR
+SyslogFacility:        NONE
+SyslogLevel:   NOTICE
+VerboseLog:    0
+Keyfile:       "dnskey.db"
+Zonefile:      "zone.db"
+DLV_Domain:    ""
+Sig_Pseudorand:        False
+Sig_GenerateDS:        True
+Sig_Parameter: ""