PageRenderTime 16ms CodeModel.GetById 13ms app.highlight 1ms RepoModel.GetById 1ms app.codeStats 0ms

/contrib/bind9/bin/dnssec/dnssec-revoke.docbook

https://bitbucket.org/freebsd/freebsd-head/
Unknown | 161 lines | 144 code | 17 blank | 0 comment | 0 complexity | 6f8b63ae0323bf8d6a94ae1ab094eee5 MD5 | raw file 
  1<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
  2               "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
  3               [<!ENTITY mdash "&#8212;">]>
  4<!--
  5 - Copyright (C) 2009, 2011  Internet Systems Consortium, Inc. ("ISC")
  6 -
  7 - Permission to use, copy, modify, and/or distribute this software for any
  8 - purpose with or without fee is hereby granted, provided that the above
  9 - copyright notice and this permission notice appear in all copies.
 10 -
 11 - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
 12 - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
 13 - AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
 14 - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
 15 - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 16 - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 17 - PERFORMANCE OF THIS SOFTWARE.
 18-->
 19
 20<!-- $Id: dnssec-revoke.docbook,v 1.7.266.2 2011/10/20 23:46:27 tbox Exp $ -->
 21<refentry id="man.dnssec-revoke">
 22  <refentryinfo>
 23    <date>June 1, 2009</date>
 24  </refentryinfo>
 25
 26  <refmeta>
 27    <refentrytitle><application>dnssec-revoke</application></refentrytitle>
 28    <manvolnum>8</manvolnum>
 29    <refmiscinfo>BIND9</refmiscinfo>
 30  </refmeta>
 31
 32  <refnamediv>
 33    <refname><application>dnssec-revoke</application></refname>
 34    <refpurpose>Set the REVOKED bit on a DNSSEC key</refpurpose>
 35  </refnamediv>
 36
 37  <docinfo>
 38    <copyright>
 39      <year>2009</year>
 40      <year>2011</year>
 41      <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
 42    </copyright>
 43  </docinfo>
 44
 45  <refsynopsisdiv>
 46    <cmdsynopsis>
 47      <command>dnssec-revoke</command>
 48      <arg><option>-hr</option></arg>
 49      <arg><option>-v <replaceable class="parameter">level</replaceable></option></arg>
 50      <arg><option>-K <replaceable class="parameter">directory</replaceable></option></arg>
 51      <arg><option>-E <replaceable class="parameter">engine</replaceable></option></arg>
 52      <arg><option>-f</option></arg>
 53      <arg><option>-R</option></arg>
 54      <arg choice="req">keyfile</arg>
 55    </cmdsynopsis>
 56  </refsynopsisdiv>
 57
 58  <refsect1>
 59    <title>DESCRIPTION</title>
 60    <para><command>dnssec-revoke</command>
 61      reads a DNSSEC key file, sets the REVOKED bit on the key as defined
 62      in RFC 5011, and creates a new pair of key files containing the
 63      now-revoked key.
 64    </para>
 65  </refsect1>
 66
 67  <refsect1>
 68    <title>OPTIONS</title>
 69
 70    <variablelist>
 71      <varlistentry>
 72	<term>-h</term>
 73        <listitem>
 74	  <para>
 75	    Emit usage message and exit.
 76	  </para>
 77        </listitem>
 78      </varlistentry>
 79  
 80      <varlistentry>
 81        <term>-K <replaceable class="parameter">directory</replaceable></term>
 82        <listitem>
 83          <para>
 84            Sets the directory in which the key files are to reside.
 85          </para>
 86        </listitem>
 87      </varlistentry>
 88
 89      <varlistentry>
 90	<term>-r</term>
 91        <listitem>
 92	  <para>
 93	    After writing the new keyset files remove the original keyset
 94	    files.
 95	  </para>
 96        </listitem>
 97      </varlistentry>
 98
 99      <varlistentry>
100        <term>-v <replaceable class="parameter">level</replaceable></term>
101        <listitem>
102          <para>
103            Sets the debugging level.
104          </para>
105        </listitem>
106      </varlistentry>
107
108      <varlistentry>
109        <term>-E <replaceable class="parameter">engine</replaceable></term>
110        <listitem>
111          <para>
112            Use the given OpenSSL engine. When compiled with PKCS#11 support
113            it defaults to pkcs11; the empty name resets it to no engine.
114          </para>
115        </listitem>
116      </varlistentry>
117
118      <varlistentry>
119        <term>-f</term>
120        <listitem>
121          <para>
122            Force overwrite: Causes <command>dnssec-revoke</command> to
123            write the new key pair even if a file already exists matching
124            the algorithm and key ID of the revoked key.
125          </para>
126        </listitem>
127      </varlistentry>
128
129      <varlistentry>
130        <term>-R</term>
131        <listitem>
132          <para>
133	    Print the key tag of the key with the REVOKE bit set but do
134	    not revoke the key.
135          </para>
136        </listitem>
137      </varlistentry>
138    </variablelist>
139  </refsect1>
140
141  <refsect1>
142    <title>SEE ALSO</title>
143    <para><citerefentry>
144        <refentrytitle>dnssec-keygen</refentrytitle><manvolnum>8</manvolnum>
145      </citerefentry>,
146      <citetitle>BIND 9 Administrator Reference Manual</citetitle>,
147      <citetitle>RFC 5011</citetitle>.
148    </para>
149  </refsect1>
150
151  <refsect1>
152    <title>AUTHOR</title>
153    <para><corpauthor>Internet Systems Consortium</corpauthor>
154    </para>
155  </refsect1>
156
157</refentry><!--
158 - Local variables:
159 - mode: sgml
160 - End:
161-->