KASP
KASP: Key and Signature Policy
Policy:
Signatures
Resign |
|
Refresh |
|
Validity |
|
Validity NSEC/NSEC3 |
|
Jitter |
|
Inception Offset |
|
Denial of Existence
Method |
NSEC3 |
Opt-Out |
|
Resalt |
|
Hash Algorithm |
|
Hash Iterations |
|
Hash Salt Length |
|
Key Parameters
TTL |
|
Retire Safety |
|
Publish Safety |
|
Share Keys? |
|
Purge dead keys after |
|
KSK |
ZSK |
Use RFC5011? |
|
Zone Parameters
Propagation Delay |
|
SOA TTL |
|
SOA Minimum |
|
SOA Serial Format |
|
Parent Parameters
Propagation Delay |
|
DS TTL |
|
SOA TTL |
|
SOA Minimum |
|
RSA/MD5
DSA/SHA1
RSA/SHA-1
DSA-NSEC3-SHA1
RSASHA1-NSEC3-SHA1
Counter
UNIX Timestamp (as 32-bit Unsigned Integer)
YYYYMMDDnn (Date + 2-Digit-Counter)
Keep Serial from the Unsigned Zone
Yes
No
Algorithm |
/
|
Lifetime |
|
Repository |
|
Number of Standby Keys |
|