.RI [ item ...]
.br
.B sign
-.RB [ \-adt ]
+.RB [ \-adtC ]
.RB [ \-k
.IR tag ]
.RB [ \-f
.RI [ file ]
.br
.B verify
-.RB [ \-aquv ]
+.RB [ \-aquvC ]
.RB [ \-k
.IR tag ]
.RB [ \-f
.IR format ]
+.RB [ \-t
+.IR time ]
.br
.RB [ \-o
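Review bot: The new "[-t time]" in the verify synopsis reuses a letter that sign already carries in its "-adt" cluster, where the options section documents it as "-t, --text". One short option meaning "text mode" for sign and "freshness limit, with an argument" for verify is easy to get wrong in wrappers that pass the same flags to both commands. Consider a different letter, or point out the difference in the verify "-t" entry.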
command (see
.BR key (1))
to generate the key.
+.TP
+.B mac
+This uses a symmetric message-authentication algorithm rather than a
+digital signature. The precise message-authentication scheme used is
+determined by the
+.B mac
+attribute on the key, which defaults to
+.IB hash -hmac
+if unspecified. Use the
+.B binary
+algorithm of the
+.B key add
+command (see
+.BR key (1))
+to generate the key.
.PP
As well as the signature algorithm itself, a hash function is used.
This is taken from the
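Review bot: The new "mac" entry omits the security consequence of choosing it. Because the scheme is symmetric, anyone holding the key needed to verify can also produce valid tags, so it gives no proof of origin among the key holders. Add a sentence saying so. The following paragraph's "As well as the signature algorithm itself" also needs rewording, since it now has to cover an algorithm the entry describes as not being a digital signature.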
.TP
.B "\-t, \-\-text"
Read and sign the input as text. This is the default.
+.TP
+.B "\-C, \-\-nocheck"
+Don't check the private key for validity. This makes signing go much
+faster, but at the risk of using a duff key, and potentially leaking
+information about the private key.
.SS verify
The
.B verify
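Review bot: The sign "-C, --nocheck" entry names the risk ("potentially leaking information about the private key") but not which validity checks are skipped or when skipping them is acceptable. Say what is skipped and state the condition under which the option is safe, for example only for a key that has already passed a checked run. "duff key" is colloquial; "invalid key" reads more clearly in a manual page.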
signature header specifies the key named
.IR tag .
.TP
+.BI "\-t, \-\-freshtime " time
+Only accept signatures claiming to have been made more recently than
+.IR time .
+If
+.I time
+is
+.B always
+(the default) then any timestamp in the past is acceptable.
+.TP
.B "\-u, \-\-utc"
Show the datestamp in the signature in UTC rather than (your) local
time. The synonym
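Review bot: The "-t, --freshtime" entry never says what syntax "time" accepts; the only value it describes is "always". Document the accepted forms or cross-reference where they are defined. The phrase "any timestamp in the past is acceptable" also implies that signatures dated in the future are rejected even with the default. State that explicitly, since it matters to verifiers whose clocks are skewed.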
mode as appropriate. The default is to write the message to standard
output unless verifying a detached signature, in which case nothing is
written.
+.TP
+.B "\-C, \-\-nocheck"
+Don't check the public key for validity. This makes verification go
+much faster, but at the risk of using a duff key, and potentially
+accepting false signatures.
.PP
Output is written to standard output in a machine-readable format.
Major problems cause the program to write a diagnostic to standard error
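Review bot: The verify "-C, --nocheck" entry speaks of "the public key", but this patch also adds the symmetric "mac" algorithm, which has no public key. Word it as "the verification key", or say what the option does for mac keys. Given the stated risk of "accepting false signatures", the entry should also say when the option is acceptable, and "duff key" would read better as "invalid key", matching whatever wording the sign entry ends up with.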
.BR hashsum (1),
.BR keyring (5).
.SH AUTHOR
-Mark Wooding, <mdw@nsict.org>
+Mark Wooding, <mdw@distorted.org.uk>