Track2Agenda: kasp.html

File kasp.html, 2.9 KB (added by Andy Linton, 6 years ago)
Line 
1<?xml version="1.0" encoding="UTF-8"?>
2<html xmlns="http://www.w3.org/TR/xhtml1/strict">
3  <head>
4    <title>KASP</title>
5    <style type="text/css">
6                                        td.tag   { background-color: #dddddd; width: 5cm; }
7                                        td.value { width: 10cm; }
8                                </style>
9  </head>
10  <body><h1>KASP: Key and Signature Policy</h1>
11        <h2>Policy: default</h2><p><small>LPNZ policy</small></p>
12               
13                <h3>Signatures</h3><table><tr><td class="tag">Resign</td><td class="value">2 hours</td></tr><tr><td class="tag">Refresh</td><td class="value">3 days</td></tr><tr><td class="tag">Validity Default</td><td class="value">7 days</td></tr><tr><td class="tag">Validity NSEC/NSEC3</td><td class="value">7 days</td></tr><tr><td class="tag">Jitter</td><td class="value">12 hours</td></tr><tr><td class="tag">Inception Offset</td><td class="value">3600 seconds</td></tr></table>
14
15                <h3>Denial of Existence</h3>
16                        <table><tr><td class="tag">Method</td><td class="value">NSEC</td></tr></table>
17               
18
19                <h3>Key Parameters</h3><table><tr><td class="tag">TTL</td><td class="value">3600 seconds</td></tr><tr><td class="tag">Retire Safety</td><td class="value">3600 seconds</td></tr><tr><td class="tag">Publish Safety</td><td class="value">3600 seconds</td></tr><tr><td class="tag">Share Keys?</td><td class="value">No</td></tr><tr><td class="tag">Purge dead keys after</td><td class="value">14 days</td></tr><tr><td colspan="2"><b>KSK</b></td></tr><tr><td class="tag">Algorithm</td><td class="value">RSA/SHA-256, 2048 bits</td></tr><tr><td class="tag">Lifetime</td><td class="value">2 years</td></tr><tr><td class="tag">Repository</td><td class="value">SoftHSM-KSK</td></tr><tr><td class="tag">Number of Standby Keys</td><td class="value"/></tr><tr><td class="tag">Manual Rollover?</td><td class="value">No</td></tr><tr><td class="tag">Use RFC5011?</td><td class="value">No</td></tr><tr><td colspan="2"><b>ZSK</b></td></tr><tr><td class="tag">Algorithm</td><td class="value">RSA/SHA-256, 1024 bits</td></tr><tr><td class="tag">Lifetime</td><td class="value">30 days</td></tr><tr><td class="tag">Repository</td><td class="value">SoftHSM-ZSK</td></tr><tr><td class="tag">Number of Standby Keys</td><td class="value">1</td></tr><tr><td class="tag">Manual Rollover?</td><td class="value">No</td></tr></table>
20
21                <h3>Zone Parameters</h3><table><tr><td class="tag">Propagation Delay</td><td class="value">43200 seconds</td></tr><tr><td class="tag">SOA TTL</td><td class="value">3600 seconds</td></tr><tr><td class="tag">SOA Minimum</td><td class="value">3600 seconds</td></tr><tr><td class="tag">SOA Serial Format</td><td class="value">YYYYMMDDnn (Date + 2-Digit-Counter)</td></tr></table>
22
23                <h3>Parent Parameters</h3><table><tr><td class="tag">Propagation Delay</td><td class="value">9999 seconds</td></tr><tr><td class="tag">DS TTL</td><td class="value">3600 seconds</td></tr><tr><td class="tag">SOA TTL</td><td class="value">172800 seconds</td></tr><tr><td class="tag">SOA Minimum</td><td class="value">10800 seconds</td></tr></table>
24
25       
26       
27</body>
28</html>