#
-# @(#) dnssec.conf vT0.98 (c) Feb 2005 - Sep 2008 Holger Zuleger hznet.de
+# @(#) dnssec.conf vT0.99a (c) Feb 2005 - Jul 2009 Holger Zuleger hznet.de
#
# dnssec-zkt options
Serialformat: incremental
# signing key parameters
+Key_algo: RSASHA1 # (Algorithm ID 5)
KSK_lifetime: 60d # (5184000 seconds)
-KSK_algo: RSASHA1 # (Algorithm ID 5)
KSK_bits: 1300
KSK_randfile: "/dev/urandom"
ZSK_lifetime: 2w # (1209600 seconds)
-ZSK_algo: RSASHA1 # (Algorithm ID 5)
ZSK_bits: 512
ZSK_randfile: "/dev/urandom"
SaltBits: 24
KeySetDir: "../keysets"
DLV_Domain: ""
Sig_Pseudorand: True
-Sig_Parameter: ""
+Sig_GenerateDS: True
+Sig_Parameter: "-n 1"
Distribute_Cmd: "./dist.sh"