[Opendnssec-user] Description of individual OpenDNSSEC packages

[Ondřej Surý]

Hi,

I probably need a help with descriptions of individual debian
packages. Since documentation is scarce and I still don't have good
understanding of what component does what, I would gladly accept help
with writing short one line summary and longer descriptions.

I have been able to make some descriptions, but it certainly needs a
review from authors :)

{{{
opendnssec-auditor

Description: tool to audit DNS signed zones according to local policy
 OpenDNSSEC is a complete DNSSEC zone signing system which is very
 easy to use with stability and security in mind.  There are a lot of
 details in signing zone files with DNSSEC and OpenDNSSEC covers most
 of it.
 .
 This package contains OpenDNSSEC Auditor, which is a tool to check
 whether DNSSEC signed zone complies to a local policy.  It is issued
 automatically (unless disabled) after each resigning of a zone
 and will stop the signed zone file from being distributed if any
 error is found.

opendnssec-conf
Description: common configuration files for OpenDNSSEC suite
 OpenDNSSEC is a complete DNSSEC zone signing system which is very
 easy to use with stability and security in mind.  There are a lot of
 details in signing zone files with DNSSEC and OpenDNSSEC covers most
 of it.
 .
 This package contains common configuration files.

libhsm
Description: library for interfacing PKCS#11 Hardware Security Modules
 OpenDNSSEC is a complete DNSSEC zone signing system which is very
 easy to use with stability and security in mind.  There are a lot of
 details in signing zone files with DNSSEC and OpenDNSSEC covers most
 of it.
 .
 Support library for interfacing PKCS#11 compatible Hardware Security
Modules (HSM).
 This library allows programs to use cryptografic secure storages for
keying material
 such as softhsm (HSM implemented in software), SCA6000, Aladdin eToken, OpenSC,
 nCipher or AEP Keyper.

opendnssec-enforcer
Description: DNSSEC Key and Signature Policy enforcing daemon
 OpenDNSSEC is a complete DNSSEC zone signing system which is very
 easy to use with stability and security in mind.  There are a lot of
 details in signing zone files with DNSSEC and OpenDNSSEC covers most
 of it.
 .
 This package contains daemon which generates DNSSEC key material
 and communicate with OpenDNSSEC signing daemon.

opendnssec-signer

Description: DNSSEC signer engine for OpenDNSSEC
 OpenDNSSEC is a complete DNSSEC zone signing system which is very
 easy to use with stability and security in mind.  There are a lot of
 details in signing zone files with DNSSEC and OpenDNSSEC covers most
 of it.
 .
 The task of the signer engine is to schedule signing operation on DNS zones.
 Taking input from the KASP, it will automatically sign zones and keep their
 signatures up-to-date.
}}}

Ondrej
-- 
Ondřej Surý <ondrej at sury.org>
http://blog.rfc1925.org/