DnssecSigningAttributes
Information about a delegation signer (DS) record that was created in the registry by AssociateDelegationSignerToDomain.
Contents
- Algorithm
-
Algorithm which was used to generate the digest from the public key.
Type: Integer
Required: No
- Flags
-
Defines the type of key. It can be either a KSK (key-signing-key, value 257) or ZSK (zone-signing-key, value 256). Using KSK is always encouraged. Only use ZSK if your DNS provider isn't Route 53 and you don’t have KSK available.
If you have KSK and ZSK keys, always use KSK to create a delegations signer (DS) record. If you have ZSK keys only – use ZSK to create a DS record.
Type: Integer
Required: No
- PublicKey
-
The base64-encoded public key part of the key pair that is passed to the registry.
Type: String
Length Constraints: Maximum length of 32768.
Required: No
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: