X-Git-Url: https://blacka.com/cgi-bin/gitweb.cgi?p=captive-validator.git;a=blobdiff_plain;f=README;fp=README;h=31f5453b599586d8a149c4e2b6312849b2568b6a;hp=96800c964a15606c3d5269b6baf3d0709703275d;hb=3360e70e882665e4fa92cf7f0f0cf18408b0925e;hpb=f875a3d4bfdf4e86655ed0ab3f5adbe0c9ad070f diff --git a/README b/README index 96800c9..31f5453 100644 --- a/README +++ b/README @@ -1,10 +1,10 @@ -DNSSECReconciler ----------------- +DNSSECValTool +------------- This is a command line Java tool for doing DNSSEC response validatation against a single authoritative DNS server. -usage: java -jar dnssecreconiler.jar [..options..] +usage: java -jar dnssecvaltool.jar [..options..] server: the DNS server to query. query: a name [type [flags]] string. query_file: a list of queries, one query per line. @@ -14,16 +14,16 @@ usage: java -jar dnssecreconiler.jar [..options..] may repeat error_file: write DNSSEC validation failure details to this file -The DNSSECReconciler needs a server to query ('server'), a query or -list of queries ('query' or 'query_file'), and a set of DNSKEYs to -trust ('dnskey_file' or 'dnskey_query') -- these keys MUST be the ones -used to sign everything in the responses. +The DNSSECValTool needs a server to query ('server'), a query or list +of queries ('query' or 'query_file'), and a set of DNSKEYs to trust +('dnskey_file' or 'dnskey_query') -- these keys MUST be the ones used +to sign everything in the responses. By default it logs everything to stdout. DNSSEC validation errors (which is most of the output) can be redirected to a file (which will be appended to if it already exists). -Note that the DNSSECReconciler will skip queries if the qname isn't a +Note that the DNSSECValTool will skip queries if the qname isn't a subdomain (or matches) the names of the DNSKEYs that have been added. query_file 
@@ -91,12 +91,19 @@ while (<>) { Examples -------- -java -jar dnssecreconciler server=a.edu-servers.net \ +1. Query "a.edu-servers.net", fetching the .edu keys directly from + that server. Use queries.txt for the queries, and log all DNSSEC + validation failures to 'dnssecvaltool_errors.log'. + +java -jar dnssecvaltool.jar server=a.edu-servers.net \ dnskey_query=edu \ query_file=queries.txt \ - error_file=dnssecreconciler_errors.log + error_file=dnssecvaltool_errors.log + +2. Query localhost with a single query for edu/soa, using stored keys + in the file 'keys'. Validation failures will be logged to stdout. -java -jar dnssecreconciler.jar server=127.0.0.1 \ +java -jar dnssecvaltool.jar server=127.0.0.1 \ dnskey_file=keys \ query="edu soa"
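Review bot: In the first hunk (README lines 1-10), the unchanged description line still reads "DNSSEC response validatation". This commit already corrects the misspelled "dnssecreconiler.jar" on the usage line, so the same change should fix that word to "validation". In the same hunk, the re-added note "will skip queries if the qname isn't a subdomain (or matches) the names of the DNSKEYs" is hard to parse. Suggest wording such as "isn't equal to, or a subdomain of, the name of one of the DNSKEYs that have been added", so the reader can tell which queries are skipped rather than validated.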
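Review bot: In the second hunk, the new description of example 1 ("fetching the .edu keys directly from that server") does not say what that implies for trust. The first hunk states that the keys from 'dnskey_file' or 'dnskey_query' are the set "to trust", and in example 1 they come from the same server whose responses are being validated. Suggest adding a sentence to example 1 stating that keys obtained with dnskey_query are trusted as returned by that server, and pointing to dnskey_file (as in example 2) for keys obtained separately. A smaller point in the same hunk: example 2 says failures "will be logged to stdout", which matches the default described earlier, but it would help to say explicitly that this is because error_file is omitted.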