Suppresses the progress indication which is usually generated while
time-consuming key generation tasks are being performed.
.TP
+.BI "\-E, \-\-public-exponent"
+Set the public exponent for RSA keys.
+The default is 65537,
+because this seems to be the overwhelmingly popular choice
+among practitioners
+and because it was the exponent used before this option was introduced.
+The value 3 is fine unless you use a completely terrible padding scheme.
+.TP
.BI "\-L, \-\-lim-lee"
When generating Diffie\(enHellman parameters, generate a Lim\(enLee
prime rather than a random (or safe) prime. See the details on
.IR x -coordinate
of the corresponding point.
.TP
+.B x448
+Generate a private scalar and a corresponding public point on the
+(Montgomery-form) Ed448-Goldilocks elliptic curve.
+The scalar is simply a random 256-bit string;
+the public key is the
+.IR x -coordinate
+of the corresponding point.
+.TP
.B ed25519
Generate a private key and a corresponding public point on the
(twisted Edwards-form) Curve25519 elliptic curve.
from which a scalar and secret prefix are derived;
the public key is the compressed form of the corresponding point.
.TP
+.B ed448
+Generate a private key and a corresponding public point on the
+(Edwards-form) Ed448-Goldilocks elliptic curve.
+The private key is simply a random 456-bit string,
+from which a scalar and secret prefix are derived;
+the public key is the compressed form of the corresponding point.
+.TP
.B empty
Generate an empty key, with trivial contents.
This is useful as a `parameters' key,
any, is removed and no new tag is set. It is an error to set a tag
which already exists on another key, unless you give the
.B \-r
-option, which removes the tag first.
+option.
+.PP
+The following options are recognized.
+.TP
+.B "\-r, \-\-retag"
+Untag the existing key with the desired new tag, if any.
.SS "setattr"
Attaches attributes to a key. The key to which the attributes should be
attached is given by its
~mdw / catacomb / blobdiff