summaryrefslogtreecommitdiffstats
path: root/bin/tests/system/keymgr/policy.sample
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 18:37:14 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 18:37:14 +0000
commitea648e70a989cca190cd7403fe892fd2dcc290b4 (patch)
treee2b6b1c647da68b0d4d66082835e256eb30970e8 /bin/tests/system/keymgr/policy.sample
parentInitial commit. (diff)
downloadbind9-upstream.tar.xz
bind9-upstream.zip
Adding upstream version 1:9.11.5.P4+dfsg.upstream/1%9.11.5.P4+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'bin/tests/system/keymgr/policy.sample')
-rw-r--r--bin/tests/system/keymgr/policy.sample58
1 files changed, 58 insertions, 0 deletions
diff --git a/bin/tests/system/keymgr/policy.sample b/bin/tests/system/keymgr/policy.sample
new file mode 100644
index 0000000..4594091
--- /dev/null
+++ b/bin/tests/system/keymgr/policy.sample
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+# a comment which should be skipped
+
+algorithm-policy rsasha1 {
+ key-size ksk 2048;
+ key-size zsk 1024; // this too
+};
+
+// and this
+
+policy default {
+ directory "keydir";
+ algorithm rsasha1;
+ coverage 1y; # another comment
+ roll-period zsk 6mo; // and yet another
+ pre-publish zsk 6w;
+ post-publish zsk 6w;
+ keyttl 1h;
+};
+
+policy extra {
+ policy default;
+ coverage 5y;
+ roll-period KSK 1 year;
+ roll-period zsk 3mo;
+ pre-publish ksk 3mo;
+ post-publish zsk 1w;
+ keyttl 2h;
+};
+
+/*
+ * and this is also a comment,
+ * and it should be ignored like
+ * the others.
+ */
+
+zone example.com {
+ policy extra;
+ coverage 5 mon;
+ algorithm nsec3rsasha1;
+};
+
+/*
+ * This confirms that zones starting with digits are accepted.
+ */
+zone "99example.com" {
+ policy global;
+};