Show
Ignore:
Timestamp:
01/11/11 14:44:43 (2 years ago)
Author:
ahu
Message:

fix typo in bindbackend, add pdnssec hash-zone-record convenience function for manual hashing, plus document it

Files:
1 modified

Legend:

Unmodified
Added
Removed

  • trunk/pdns/pdns/docs/pdns.xml

    r1860 r1865  
    93259325        </varlistentry> 
    93269326        <varlistentry> 
     9327            <term>hash-zone-record ZONE RECORDNAME</term> 
     9328            <listitem> 
     9329              <para> 
     9330                This convenience command hashes the name 'recordname' according to the NSEC3 settings of ZONE. 
     9331                Refuses to hash for zones with no NSEC3 settings. 
     9332              </para> 
     9333            </listitem> 
     9334        </varlistentry> 
     9335        <varlistentry> 
    93279336            <term>import-zone-dnskey ZONE filename [ksk|zsk]</term> 
    93289337            <listitem> 
     
    94809489    <para> 
    94819490      For now, it is necessary to execute a manual SQL 'insert' into the domains table of the backend hosting 
    9482       the keying material. This is needed to generate a zone-id for the relevant domain. 
     9491      the keying material. This is needed to generate a zone-id for the relevant domain. Sample SQL statement: 
     9492      <command>insert into domains (name, type) values ('powerdnssec.org', 'NATIVE');</command>. 
    94839493    </para> 
    94849494    </warning> 
     
    94979507  </para> 
    94989508  <para> 
    9499     The 'auth' field should be 0 however for NS records which are used for delegation, and also for any glue records 
    9500     present for this purpose. 
     9509    The 'auth' field should be 0 however for NS records which are used for delegation, and also for any glue (A, AAAA) records 
     9510    present for this purpose. Do note that the DS record for a secure delegation should be authoritative! 
    95019511  </para> 
    95029512  <para> 
     
    95109520  <para> 
    95119521    In 'NSEC3' non-narrow mode, the ordername should contain a lowercase base32hex encoded representation of the salted &amp; iterated hash 
    9512     of the full record name. 
     9522    of the full record name. <command>pdnssec hash-zone-record zone record</command> can be used to calculate this hash. 
    95139523  </para> 
    95149524  </section> 
     
    95459555    <listitem><para>Miek Gieben</para></listitem> 
    95469556    <listitem><para>Stephane Bortzmeyer (AFNIC)</para></listitem> 
    9547     <listitem><para>Michael Braunoede (nic.at)</para></listitem> 
     9557    <listitem><para>Michael Braunoeder (nic.at)</para></listitem> 
    95489558    <listitem><para>Peter van Dijk</para></listitem> 
    95499559    <listitem><para>Maik Zumstrull</para></listitem>