--- /dev/null
+microdnssec, (c) Svenne Krap, 2010
+released under 2-clause BSD-license
+
+Before use there are multiple things you need to do:
+1) have one or more servers running bind (9.6.x) you can ssh into
+2) set up this bind to include an autogenerated file (seczone.conf for example)
+3) configure microdnssec in conf/settings (start out with a copy from
+conf/settings.sample)
+
+Workflow - new domains:
+- prepare-zone.sh <zone> <zone-maintainer-mail>
+ (i.e. prepare-zone example.com dns@example.com )
+- edit-zone.sh <zone>
+- sign-zone.sh <zone>
+- update-zone-conf.sh
+
+Work-flow resign :
+- refresh-signatures.sh
+
+Work-flow key-roll-over
+- make-{z,k}sk.sh <zone>
+- sign-all.sh
+> pass DS-record upstream, if needed
+- list-keys.sh <zone>
+> find the correct key to expire
+- retire-key.sh <zone> <key> (copy/paste key from list-keys output)
+> wait til all signatures from the old key has expired
+- purge-retired-keys.sh <zone>