.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: dnssec-makekeyset.8,v 1.6 2000/07/31 15:28:19 bwelling Exp $
+.\" $Id: dnssec-makekeyset.8,v 1.7 2000/07/31 19:39:38 bwelling Exp $
.\"
.Dd Jun 30, 2000
.Dt DNSSEC-MAKEKEYSET 8
.Op Fl e Ar end-time
.Op Fl t Ar TTL
.Op Fl r Ar randomdev
+.Op Fl p
.Op Fl v Ar level
.Ar keyfile ....
.Sh DESCRIPTION
between keystrokes to derive some random data.
.Pp
The
+.Fl p
+option instructs
+.Nm dnssec-makekeyset
+to use pseudo-random data when self-signing the keyset. This is faster, but
+less secure, than using genuinely random data for signing.
+This option may be useful when the entropy source is limited.
+.Pp
+The
.Fl t
option is followed by a time-to-live argument
.Ar TTL
.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: dnssec-signkey.8,v 1.7 2000/07/31 15:28:20 bwelling Exp $
+.\" $Id: dnssec-signkey.8,v 1.8 2000/07/31 19:39:39 bwelling Exp $
.\"
.Dd Jun 30, 2000
.Dt DNSSEC-SIGNKEY 8
print a short summary of its command line options
and arguments.
.Pp
-The
-.Fl p
-option instructs
-.Nm dnssec-signkey
-to use pseudo-random data when signing the keys. This is faster, but
-less secure, than using genuinely random data for signing.
-This option may be useful when there are many child zone keysets to
-sign or if the entropy source is limited.
-It could also be used for short-lived keys and signatures that don't
-require as much protection against cryptanalysis, such as when the key
-will be discarded long before it could be compromised.
.Nm dnssec-signkey
may need random numbers in the process of generating keys.
If the system does not have a
as a source of random data.
.Pp
The
+.Fl p
+option instructs
+.Nm dnssec-signkey
+to use pseudo-random data when signing the keys. This is faster, but
+less secure, than using genuinely random data for signing.
+This option may be useful when there are many child zone keysets to
+sign or if the entropy source is limited.
+It could also be used for short-lived keys and signatures that don't
+require as much protection against cryptanalysis, such as when the key
+will be discarded long before it could be compromised.
+.Pp
+The
.Fl v
option can be used to make
.Nm dnssec-signkey
.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: dnssec-signzone.8,v 1.9 2000/07/31 15:28:21 bwelling Exp $
+.\" $Id: dnssec-signzone.8,v 1.10 2000/07/31 19:39:42 bwelling Exp $
.\"
.Dd Jun 30, 2000
.Dt DNSSEC-SIGNZONE 8
are due to expire in less than 7.5 days, they would be replaced
with new ones.
.Pp
-The
-.Fl p
-option instructs
-.Nm dnssec-signkey
-to use pseudo-random data when signing the keys. This is faster, but
-less secure, than using genuinely random data for signing.
-This option may be useful when there are many child zone keysets to
-sign or if the entropy source is limited.
-It could also be used for short-lived keys and signatures that don't
-require as much protection against cryptanalysis, such as when the key
-will be discarded long before it could be compromised.
-.Pp
.Nm dnssec-signzone
may need random numbers in the process of signing the zone.
If the system does not have a
.Ar randomdev
as a source of random data.
.Pp
+The
+.Fl p
+option instructs
+.Nm dnssec-signkey
+to use pseudo-random data when signing the keys. This is faster, but
+less secure, than using genuinely random data for signing.
+This option may be useful when there are many child zone keysets to
+sign or if the entropy source is limited.
+It could also be used for short-lived keys and signatures that don't
+require as much protection against cryptanalysis, such as when the key
+will be discarded long before it could be compromised.
+.Pp
An option of
.Fl h
makes
.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: dnssec-makekeyset.8,v 1.6 2000/07/31 15:28:19 bwelling Exp $
+.\" $Id: dnssec-makekeyset.8,v 1.7 2000/07/31 19:39:38 bwelling Exp $
.\"
.Dd Jun 30, 2000
.Dt DNSSEC-MAKEKEYSET 8
.Op Fl e Ar end-time
.Op Fl t Ar TTL
.Op Fl r Ar randomdev
+.Op Fl p
.Op Fl v Ar level
.Ar keyfile ....
.Sh DESCRIPTION
between keystrokes to derive some random data.
.Pp
The
+.Fl p
+option instructs
+.Nm dnssec-makekeyset
+to use pseudo-random data when self-signing the keyset. This is faster, but
+less secure, than using genuinely random data for signing.
+This option may be useful when the entropy source is limited.
+.Pp
+The
.Fl t
option is followed by a time-to-live argument
.Ar TTL
.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: dnssec-signkey.8,v 1.7 2000/07/31 15:28:20 bwelling Exp $
+.\" $Id: dnssec-signkey.8,v 1.8 2000/07/31 19:39:39 bwelling Exp $
.\"
.Dd Jun 30, 2000
.Dt DNSSEC-SIGNKEY 8
print a short summary of its command line options
and arguments.
.Pp
-The
-.Fl p
-option instructs
-.Nm dnssec-signkey
-to use pseudo-random data when signing the keys. This is faster, but
-less secure, than using genuinely random data for signing.
-This option may be useful when there are many child zone keysets to
-sign or if the entropy source is limited.
-It could also be used for short-lived keys and signatures that don't
-require as much protection against cryptanalysis, such as when the key
-will be discarded long before it could be compromised.
.Nm dnssec-signkey
may need random numbers in the process of generating keys.
If the system does not have a
as a source of random data.
.Pp
The
+.Fl p
+option instructs
+.Nm dnssec-signkey
+to use pseudo-random data when signing the keys. This is faster, but
+less secure, than using genuinely random data for signing.
+This option may be useful when there are many child zone keysets to
+sign or if the entropy source is limited.
+It could also be used for short-lived keys and signatures that don't
+require as much protection against cryptanalysis, such as when the key
+will be discarded long before it could be compromised.
+.Pp
+The
.Fl v
option can be used to make
.Nm dnssec-signkey
.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.\" $Id: dnssec-signzone.8,v 1.9 2000/07/31 15:28:21 bwelling Exp $
+.\" $Id: dnssec-signzone.8,v 1.10 2000/07/31 19:39:42 bwelling Exp $
.\"
.Dd Jun 30, 2000
.Dt DNSSEC-SIGNZONE 8
are due to expire in less than 7.5 days, they would be replaced
with new ones.
.Pp
-The
-.Fl p
-option instructs
-.Nm dnssec-signkey
-to use pseudo-random data when signing the keys. This is faster, but
-less secure, than using genuinely random data for signing.
-This option may be useful when there are many child zone keysets to
-sign or if the entropy source is limited.
-It could also be used for short-lived keys and signatures that don't
-require as much protection against cryptanalysis, such as when the key
-will be discarded long before it could be compromised.
-.Pp
.Nm dnssec-signzone
may need random numbers in the process of signing the zone.
If the system does not have a
.Ar randomdev
as a source of random data.
.Pp
+The
+.Fl p
+option instructs
+.Nm dnssec-signkey
+to use pseudo-random data when signing the keys. This is faster, but
+less secure, than using genuinely random data for signing.
+This option may be useful when there are many child zone keysets to
+sign or if the entropy source is limited.
+It could also be used for short-lived keys and signatures that don't
+require as much protection against cryptanalysis, such as when the key
+will be discarded long before it could be compromised.
+.Pp
An option of
.Fl h
makes
projects / thirdparty / bind9.git / commitdiff
