DNSSEC Key Set
(DNSSEC Key File dialog -> Add/Edit button)
Copyright © 1999-2011 JH Software ApS
DNSSEC Key Set (DNSSEC Key File dialog -> Add/Edit button) |
Simple DNS Plus v. 5.2 Copyright © 1999-2011 JH Software ApS |
|
This dialog is used to create/maintain a DNSSEC key set.
| • | Key set ID A unique identifier for this key set. Only used to identify each key set for management purposes. Not part of actual keys/signatures. Can be any value you want. |
| • | Key set type For details on the 3 key set types, see DNSSEC definition |
| • | Algorithm Specify the algorithm to use for calculating signatures. |
| • | Key size (bits) Specify the key strength |
| • | Public key (DNS zone file format) The public key in DNS zone file format - only available when editing existing key set. |
| • | Signatures expire When signatures created with this key set will expire. The RFCs recommend 13 months for KSKs, and 1 month for ZSKs. |
| • | DNSKEY only / Do not sign any record sets (key pre-publish / phase-out) Check this if you don't want any record sets signed by this key set (but still include the DNSKEY record). This is typically used in "key pre-publish" scenarios. |