135 lines
2.8 KiB
XML
135 lines
2.8 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
<!-- Sample KASP file to use for testing kasp2policy.py. -->
|
|
<KASP>
|
|
<Policy name="Policy1">
|
|
<Description>A default policy that will
|
|
amaze you and your friends</Description>
|
|
<Signatures>
|
|
<Resign>PT5M</Resign>
|
|
<Refresh>PT5M</Refresh>
|
|
<Validity>
|
|
<Default>PT15M</Default>
|
|
<Denial>PT15M</Denial>
|
|
</Validity>
|
|
<Jitter>PT2M</Jitter>
|
|
<InceptionOffset>PT1M</InceptionOffset>
|
|
</Signatures>
|
|
|
|
<Denial>
|
|
<NSEC>
|
|
</NSEC>
|
|
</Denial>
|
|
|
|
<Keys>
|
|
<!-- Parameters for both KSK and ZSK -->
|
|
<TTL>PT1M</TTL>
|
|
<RetireSafety>PT0S</RetireSafety>
|
|
<PublishSafety>PT0S</PublishSafety>
|
|
|
|
<!-- Parameters for KSK only -->
|
|
<KSK>
|
|
<Algorithm length="2048">5</Algorithm>
|
|
<Lifetime>PT40M</Lifetime>
|
|
<Repository>softHSM</Repository>
|
|
<Standby>1</Standby>
|
|
</KSK>
|
|
|
|
<!-- Parameters for ZSK only -->
|
|
<ZSK>
|
|
<Algorithm length="2048">5</Algorithm>
|
|
<Lifetime>PT25M</Lifetime>
|
|
<Repository>softHSM</Repository>
|
|
<Standby>1</Standby>
|
|
</ZSK>
|
|
</Keys>
|
|
|
|
<Zone>
|
|
<PropagationDelay>PT0S</PropagationDelay>
|
|
<SOA>
|
|
<TTL>PT0S</TTL>
|
|
<Minimum>PT0S</Minimum>
|
|
<Serial>unixtime</Serial>
|
|
</SOA>
|
|
</Zone>
|
|
|
|
<Parent>
|
|
<PropagationDelay>PT8M</PropagationDelay>
|
|
<DS>
|
|
<TTL>PT0S</TTL>
|
|
</DS>
|
|
<SOA>
|
|
<TTL>PT0S</TTL>
|
|
<Minimum>PT0S</Minimum>
|
|
</SOA>
|
|
</Parent>
|
|
</Policy>
|
|
<Policy name="Policy2">
|
|
<Description>A default policy that will amaze you and your friends</Description>
|
|
<Signatures>
|
|
<Resign>PT7M</Resign>
|
|
<Refresh>PT7M</Refresh>
|
|
<Validity>
|
|
<Default>PT15M</Default>
|
|
<Denial>PT16M</Denial>
|
|
</Validity>
|
|
<Jitter>PT2M</Jitter>
|
|
<InceptionOffset>PT1M</InceptionOffset>
|
|
</Signatures>
|
|
|
|
<Denial>
|
|
<NSEC3>
|
|
<Resalt>P120D</Resalt>
|
|
<Hash>
|
|
<Algorithm>1</Algorithm>
|
|
<Iterations>5</Iterations>
|
|
<Salt length="8"/>
|
|
</Hash>
|
|
</NSEC3>
|
|
</Denial>
|
|
|
|
<Keys>
|
|
<!-- Parameters for both KSK and ZSK -->
|
|
<TTL>PT15M</TTL>
|
|
<RetireSafety>PT0S</RetireSafety>
|
|
<PublishSafety>PT0S</PublishSafety>
|
|
|
|
<!-- Parameters for KSK only -->
|
|
<KSK>
|
|
<Algorithm length="2048">7</Algorithm>
|
|
<Lifetime>PT45M</Lifetime>
|
|
<Repository>softHSM</Repository>
|
|
<Standby>1</Standby>
|
|
</KSK>
|
|
|
|
<!-- Parameters for ZSK only -->
|
|
<ZSK>
|
|
<Algorithm length="2048">7</Algorithm>
|
|
<Lifetime>PT25M</Lifetime>
|
|
<Repository>softHSM</Repository>
|
|
<Standby>1</Standby>
|
|
</ZSK>
|
|
</Keys>
|
|
|
|
<Zone>
|
|
<PropagationDelay>PT0S</PropagationDelay>
|
|
<SOA>
|
|
<TTL>PT0S</TTL>
|
|
<Minimum>PT0S</Minimum>
|
|
<Serial>unixtime</Serial>
|
|
</SOA>
|
|
</Zone>
|
|
|
|
<Parent>
|
|
<PropagationDelay>PT12M</PropagationDelay>
|
|
<DS>
|
|
<TTL>PT0S</TTL>
|
|
</DS>
|
|
<SOA>
|
|
<TTL>PT0S</TTL>
|
|
<Minimum>PT0S</Minimum>
|
|
</SOA>
|
|
</Parent>
|
|
</Policy>
|
|
</KASP>
|