X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/blobdiff_plain/7532e25e9f8a4347274d62f8fdeffe227afe849e..d5d892140bfb721f7ed5b08e66f861e52e037832:/progs/key.1

diff --git a/progs/key.1 b/progs/key.1
index abd399d9..f5b64455 100644
--- a/progs/key.1
+++ b/progs/key.1
@@ -472,6 +472,14 @@ using a passphrase.
 Suppresses the progress indication which is usually generated while
 time-consuming key generation tasks are being performed.
 .TP
+.BI "\-E, \-\-public-exponent"
+Set the public exponent for RSA keys.
+The default is 65537,
+because this seems to be the overwhelmingly popular choice
+among practitioners
+and because it was the exponent used before this option was introduced.
+The value 3 is fine unless you use a completely terrible padding scheme.
+.TP
 .BI "\-L, \-\-lim-lee"
 When generating Diffie\(enHellman parameters, generate a Lim\(enLee
 prime rather than a random (or safe) prime.  See the details on
@@ -846,6 +854,36 @@ the public point is then
 \(mu
 .IR G .
 .TP
+.B x25519
+Generate a private scalar and a corresponding public point on the
+(Montgomery-form) Curve25519 elliptic curve.
+The scalar is simply a random 256-bit string;
+the public key is the
+.IR x -coordinate
+of the corresponding point.
+.TP
+.B x448
+Generate a private scalar and a corresponding public point on the
+(Montgomery-form) Ed448-Goldilocks elliptic curve.
+The scalar is simply a random 256-bit string;
+the public key is the
+.IR x -coordinate
+of the corresponding point.
+.TP
+.B ed25519
+Generate a private key and a corresponding public point on the
+(twisted Edwards-form) Curve25519 elliptic curve.
+The private key is simply a random 256-bit string,
+from which a scalar and secret prefix are derived;
+the public key is the compressed form of the corresponding point.
+.TP
+.B ed448
+Generate a private key and a corresponding public point on the
+(Edwards-form) Ed448-Goldilocks elliptic curve.
+The private key is simply a random 456-bit string,
+from which a scalar and secret prefix are derived;
+the public key is the compressed form of the corresponding point.
+.TP
 .B empty
 Generate an empty key, with trivial contents.
 This is useful as a `parameters' key,
@@ -868,7 +906,12 @@ new tag to be set.  If no second argument is given, the existing tag, if
 any, is removed and no new tag is set.  It is an error to set a tag
 which already exists on another key, unless you give the
 .B \-r
-option, which removes the tag first.
+option.
+.PP
+The following options are recognized.
+.TP
+.B "\-r, \-\-retag"
+Untag the existing key with the desired new tag, if any.
 .SS "setattr"
 Attaches attributes to a key.  The key to which the attributes should be
 attached is given by its
@@ -923,9 +966,9 @@ keyids, types, expiry and deletion dates, and comments.  Additional
 .RB ` \-v '
 options show more information, such as the exact time of day for expiry
 and deletion, key attributes, and a dump of the actual key data.  If the
-verbosity level is sufficiently high, passphrases are requested to
-decrypt locked keys.  Make sure nobody is looking over your shoulder
-when you do this!
+verbosity level is sufficiently high, secret parts of keys are printed,
+and passphrases are requested to decrypt locked keys.  Make sure nobody
+is looking over your shoulder when you do this!
 .SS "fingerprint"
 Reports a fingerprint (secure hash) on components of requested keys.
 The following options are supported: