added first documentation

author Svenne Krap <svenne@krap.dk>

Mon, 11 Jan 2010 10:18:04 +0000 (11:18 +0100)

committer Svenne Krap <svenne@krap.dk>

Mon, 11 Jan 2010 10:18:04 +0000 (11:18 +0100)
author Svenne Krap <svenne@krap.dk>
Mon, 11 Jan 2010 10:18:04 +0000 (11:18 +0100)
committer Svenne Krap <svenne@krap.dk>
Mon, 11 Jan 2010 10:18:04 +0000 (11:18 +0100)
diff --git a/readme.txt b/readme.txt

new file mode 100644 (file)

index 0000000..ebee0cb
--- /dev/null
+++ b/readme.txt
@@ -0,0 +1,28 @@
+microdnssec, (c) Svenne Krap, 2010
+released under 2-clause BSD-license
+
+Before use there are multiple things you need to do:
+1) have one or more servers running bind (9.6.x) you can ssh into 
+2) set up this bind to include an autogenerated file (seczone.conf for example) 
+3) configure microdnssec in conf/settings (start out with a copy from
+conf/settings.sample)
+
+Workflow - new domains: 
+- prepare-zone.sh <zone> <zone-maintainer-mail> 
+   (i.e. prepare-zone example.com dns@example.com )
+- edit-zone.sh <zone>
+- sign-zone.sh <zone>
+- update-zone-conf.sh
+
+Work-flow resign : 
+- refresh-signatures.sh
+
+Work-flow key-roll-over
+- make-{z,k}sk.sh <zone>
+- sign-all.sh
+> pass DS-record upstream, if needed
+- list-keys.sh <zone>
+> find the correct key to expire
+- retire-key.sh <zone> <key> (copy/paste key from list-keys output)
+> wait til all signatures from the old key has expired
+- purge-retired-keys.sh <zone>
author	Svenne Krap <svenne@krap.dk>
	Mon, 11 Jan 2010 10:18:04 +0000 (11:18 +0100)
committer	Svenne Krap <svenne@krap.dk>
	Mon, 11 Jan 2010 10:18:04 +0000 (11:18 +0100)