From aabb4529539737a7db95762b0ab718cb04445891 Mon Sep 17 00:00:00 2001 From: Matthijs Mekking Date: Wed, 31 Jan 2024 09:33:17 +0100 Subject: [PATCH 1/2] dnssec-keygen man page still says it can do TSIG Remove text in man page that says the program can also be used for generate TSIG keys, this was removed in 9.13.0 but this text was still not yet removed. --- bin/dnssec/dnssec-keygen.rst | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/bin/dnssec/dnssec-keygen.rst b/bin/dnssec/dnssec-keygen.rst index 121ced4e02..cc721e0599 100644 --- a/bin/dnssec/dnssec-keygen.rst +++ b/bin/dnssec/dnssec-keygen.rst @@ -27,9 +27,7 @@ Description ~~~~~~~~~~~ :program:`dnssec-keygen` generates keys for DNSSEC (Secure DNS), as defined in -:rfc:`2535` and :rfc:`4034`. It can also generate keys for use with TSIG -(Transaction Signatures) as defined in :rfc:`2845`, or TKEY (Transaction -Key) as defined in :rfc:`2930`. +:rfc:`2535` and :rfc:`4034`. The ``name`` of the key is specified on the command line. For DNSSEC keys, this must match the name of the zone for which the key is being From 8a8c573be60d5411ecece0e9f5c12fdf0696c70d Mon Sep 17 00:00:00 2001 From: Matthijs Mekking Date: Thu, 1 Feb 2024 11:20:33 +0100 Subject: [PATCH 2/2] Put reference to RFC 2845 in tsig-keygen man page --- bin/confgen/tsig-keygen.rst | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/bin/confgen/tsig-keygen.rst b/bin/confgen/tsig-keygen.rst index 7420bede43..5ecce5d0e1 100644 --- a/bin/confgen/tsig-keygen.rst +++ b/bin/confgen/tsig-keygen.rst @@ -27,9 +27,10 @@ Synopsis Description ~~~~~~~~~~~ -:program:`tsig-keygen` is an utility that generates keys for use in TSIG signing. -The resulting keys can be used, for example, to secure dynamic DNS updates -to a zone, or for the :iscman:`rndc` command channel. +:program:`tsig-keygen` is an utility that generates keys for use with TSIG +(Transaction Signatures) as defined in :rfc:`2845`. The resulting keys can be used, +for example, to secure dynamic DNS updates to a zone, or for the :iscman:`rndc` +command channel. A domain name can be specified on the command line to be used as the name of the generated key. If no name is specified, the default is ``tsig-key``.