.TP
.BI "\-T, \-\-trace=" trace-opts
Allows the enabling or disabling of various internal diagnostics. See
-below for the list of options.
+the
+.B TRACE
+command in
+.BR trace-admin (5)
+for the list of options.
.SS "Key exchange group types"
The
.B tripe
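Review bot: the new cross-reference `.BR trace-admin (5)` deserves a second look, since the program documented here is `tripe` and the page name may have picked up the adjacent `.B TRACE`. Please confirm that a section-5 page with exactly this name is installed. Also, now that "below" no longer points at an in-page list, check that no orphaned trace-option list is left further down this page.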
Names the bulk-crypto transform to use. See below.
.TP
.B blkc
-Names a block cipher, used by some bulk-crypto transforms (e.g.,
+Names a blockcipher, used by some bulk-crypto transforms (e.g.,
.BR iiv ).
-The default is to use the block cipher underlying the chosen
+The default is to use the blockcipher underlying the chosen
.BR cipher ,
if any.
.TP
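Review bot: the respelling of "block cipher" as "blockcipher" under `.B blkc` is a wording-only change, so it is worth searching the rest of the page for any remaining "block cipher" to keep the two spellings from coexisting. If this is a project-wide convention, a separate commit for the respelling would keep the documentation of the new transform easier to review.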
.TP
.B iiv
A newer `implicit-IV' transform. Rather than having an explicit random
-IV, the IV is computed from the sequence number using a block cipher.
+IV, the IV is computed from the sequence number using a blockcipher.
This has two advantages over the
.B v0
transform. Firstly, it adds less overhead to encrypted messages
closes a kleptographic channel, over which a compromised implementation
could leak secret information to a third party.
.TP
+.B aead
+A transform based on an all-in-one `authenticated encryption with
+additional data' scheme. The scheme is named in the
+.B cipher
+attribute; the default is
+.BR rijndael-ocb3 .
+If the
+.B mac
+attribute is given, it must be either
+.B aead
+or
+.BR aead/ \c
+.IR tagsz ,
+where
+.I tagsz
+is the desired tag length in bits; alternatively, the tag length can be
+set in the
+.B tagsz
+attribute. The chosen AEAD scheme must accept at least a 64-bit nonce
+(this rules out OCB3 and CCM with 64-bit blockciphers); it mustn't
+require an absurdly large nonce size (none of the schemes implemented in
+Catacomb present a problem here, but it bears mentioning); it must
+actually support additional header data (which rules out the
+.B naclbox
+schemes, but see the
+.B naclbox
+transform below); and it must produce an empty ciphertext when
+encrypting an empty message (again, all of Catacomb's schemes meet this
+requirement).
+.TP
.B naclbox
A transform based on the NaCl
.B crypto_secretbox
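Review bot: the new `.B aead` entry leaves the tag length underspecified. It says the length can come from `aead/tagsz` in the `mac` attribute or from the `tagsz` attribute, but not what the default is when neither is given, what happens when both are given and disagree, or whether the `tagsz` attribute is also in bits. Please state all three, since a silently short tag weakens authentication. Separately, "absurdly large nonce size" gives the reader nothing to check a scheme against; state the actual upper bound the transform accepts, next to the 64-bit lower bound already given.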