keys/tripe-keys.conf.5.in, server/tripe.8.in: Contemplate more group types.

[tripe] / keys / tripe-keys.conf.5.in

diff --git a/keys/tripe-keys.conf.5.in b/keys/tripe-keys.conf.5.in
index 06ba3e4..0b488f0 100644 (file)
--- a/keys/tripe-keys.conf.5.in
+++ b/keys/tripe-keys.conf.5.in
@@ -117,6 +117,13 @@ default.  Usually set up automatically.
 Additional options for generating master keys.  Default is
 .RB ` -l '.
 .TP
+.I master-attrs
+Additional attributes to set on the master key,
+as
+.IB key = value
+pairs separated by spaces.
+Default is empty.
+.TP
 .I hk-master
 The fingerprint of the current master signing key.  No default.  Usually
 set up automatically.
@@ -201,6 +208,14 @@ ec \-Cnist-p256
 _
 .TE
 .TP
+.I kx-attrs
+Additional attributes to set on the parameters
+(and therefore copied to peer keys),
+as
+.IB key = value
+pairs separated by spaces.
+Default is empty.
+.TP
 .I kx-expire
 Expiry time for generated keys.  Default is
 .BR "now + 1 year" .
@@ -222,26 +237,30 @@ output length.
 Mask-generation algorithm to use.  Default is
 .IB hash -mgf \fR.
 This is probably a good choice.
+.ne 6
 .TP
 .I cipher
 Symmetric encryption scheme to use.  Default is
 .BR rijndael-cbc .
+.ne 6
 .TP
 .I sig
 Signature scheme to use.  Must be one of those recognized by
 .BR catsign (1).
-Default is
-.B dsa
-if
-.I kx
-is
-.BR dh ,
-or
-.B ecdsa
-if
+Default depends on
 .I kx
-is
-.BR ec .
+as follows.
+.TS
+center;
+| ci | ci |
+| lb | lb |.
+_
+kx     sig
+_
+dh     dsa
+ec     ecdsa
+_
+.TE
 .ne 10
 .TP
 .I sig-genalg