X-Git-Url: https://git.distorted.org.uk/~mdw/secnet/blobdiff_plain/8644ac83446ced746cc232643974c4120bff5a6b..refs/heads/mdw/xdh:/README.make-secnet-sites

diff --git a/README.make-secnet-sites b/README.make-secnet-sites
index cef4368..ac64fb4 100644
--- a/README.make-secnet-sites
+++ b/README.make-secnet-sites
@@ -117,8 +117,9 @@ INPUT SYNTAX
 
 	Finally, the properties.
 
-	If a property has already been defined on an item, then it is an
-	error to try to redefine it.
+	Usually, if a property has already been defined on an item, then
+	it is an error to try to redefine it.  But some properties are
+	list-like: the values are accumulated into a single list.
 
 	Mostly, properties are written to corresponding assignments in
 	the generated Secnet configuration file, .  The entries below
@@ -130,15 +131,22 @@ INPUT SYNTAX
 		location levels.
 
 	dh P G
-		Assigns a Diffie--Hellman closure to the `dh' key,
-		constructed as `diffie-hellman(P, G)'. Acceptable at all
-		levels; required at site level.
+	dh GROUP-NAME
+		Assigns a Diffie--Hellman closure to the `dh' key.  If
+		MODULUS and GENERATOR are given, the closure is
+		constructed as `diffie-hellman(P, G)'.  If a GROUP-NAME
+		is given, it must be one of `x25519' or `x448', and the
+		like-named pre-existing DH closure is used.  This is a
+		listish property: it can be set more than once and the
+		values are accumulated into a list in the output.
+
+		Acceptable at all levels; required at site level.
 
 	hash HASH-NAME
 		Assigns the HASH-NAME to the `hash' key.  The HASH-NAME
-		must be one of `md5' or `sha1', and the corresponding
-		hash closure is used.  Acceptable at all levels;
-		required at site level.
+		must be one of `md5', `sha1', or `sha512', and the
+		corresponding hash closure is used.  Acceptable at all
+		levels; required at site level.
 
 	key-lifetime INT
 	setup-timeout INT