Commit 6b4b1542 authored by Valentin Samir's avatar Valentin Samir

Add comments and docstrings

parent cca96219
# Directory where dnssec keys will be stored
# Directory where dnssec keys will be stored. This directory will contain on subdirectory per DNS
# zone, containing dnssec keys.
# Interval between 2 operations on the dns keys.
......@@ -17,7 +18,6 @@ interval=23
# -c is called at least once a day.
# Time after which a new KSK is generated and published for the zone (and activated after INTERVAL).
# The old key is removed only INTERVAL after the new key was --ds-seen.
# This usually requires a manual operation with the registrar (publish DS of the new key
......@@ -25,7 +25,9 @@ zsk_validity=30
# to be called and has not yet be called
# Algorithm used to generate new keys.
# Algorithm used to generate new keys. Only the first created KSK and ZSK of a zone will use
# this algorithm. Any renewed key will use the exact same parameters (name, algorithm, size,
# and type) as the renewed key.
# Valid algorithms are RSASHA256, RSASHA512, ECCGOST, ECDSAP256SHA256, ECDSAP384SHA384.
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment