~mdw
/
tripe
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
keys/tripe-keys.conf.5.in, server/tripe.8.in: Contemplate more group types.
[tripe]
/
keys
/
tripe-keys.conf.5.in
diff --git
a/keys/tripe-keys.conf.5.in
b/keys/tripe-keys.conf.5.in
index
ecc6344
..
0b488f0
100644
(file)
--- a/
keys/tripe-keys.conf.5.in
+++ b/
keys/tripe-keys.conf.5.in
@@
-117,6
+117,13
@@
default. Usually set up automatically.
Additional options for generating master keys. Default is
.RB ` -l '.
.TP
Additional options for generating master keys. Default is
.RB ` -l '.
.TP
+.I master-attrs
+Additional attributes to set on the master key,
+as
+.IB key = value
+pairs separated by spaces.
+Default is empty.
+.TP
.I hk-master
The fingerprint of the current master signing key. No default. Usually
set up automatically.
.I hk-master
The fingerprint of the current master signing key. No default. Usually
set up automatically.
@@
-141,6
+148,47
@@
or
.B ec
(elliptic curves). The default is
.BR dh .
.B ec
(elliptic curves). The default is
.BR dh .
+.ne 7
+.TP
+.I kx-genalg
+Key generation algorithm name to pass to
+.B "key add"
+when generating keys.
+Default depends on
+.I kx
+as follows.
+.TS
+center;
+| ci | ci |
+| lb | lb |.
+_
+kx kx-genalg
+_
+dh dh
+ec ec
+_
+.TE
+.ne 7
+.TP
+.I kx-param-genalg
+Key generation algorithm name to pass to
+.B "key add"
+when generating the parameters key.
+Default depends on
+.I kx
+as follows.
+.TS
+center;
+| ci | ci |
+| lb | lb |.
+_
+kx kx-param-genalg
+_
+dh dh-param
+ec ec-param
+_
+.TE
+.ne 7
.TP
.I kx-param
Options to pass to
.TP
.I kx-param
Options to pass to
@@
-160,6
+208,14
@@
ec \-Cnist-p256
_
.TE
.TP
_
.TE
.TP
+.I kx-attrs
+Additional attributes to set on the parameters
+(and therefore copied to peer keys),
+as
+.IB key = value
+pairs separated by spaces.
+Default is empty.
+.TP
.I kx-expire
Expiry time for generated keys. Default is
.BR "now + 1 year" .
.I kx-expire
Expiry time for generated keys. Default is
.BR "now + 1 year" .
@@
-181,26
+237,31
@@
output length.
Mask-generation algorithm to use. Default is
.IB hash -mgf \fR.
This is probably a good choice.
Mask-generation algorithm to use. Default is
.IB hash -mgf \fR.
This is probably a good choice.
+.ne 6
.TP
.I cipher
Symmetric encryption scheme to use. Default is
.BR rijndael-cbc .
.TP
.I cipher
Symmetric encryption scheme to use. Default is
.BR rijndael-cbc .
+.ne 6
.TP
.I sig
Signature scheme to use. Must be one of those recognized by
.BR catsign (1).
.TP
.I sig
Signature scheme to use. Must be one of those recognized by
.BR catsign (1).
-Default is
-.B dsa
-if
-.I kx
-is
-.BR dh ,
-or
-.B ecdsa
-if
+Default depends on
.I kx
.I kx
-is
-.BR ec .
+as follows.
+.TS
+center;
+| ci | ci |
+| lb | lb |.
+_
+kx sig
+_
+dh dsa
+ec ecdsa
+_
+.TE
+.ne 10
.TP
.I sig-genalg
Key-generation algorithm for signing key. Default depends on
.TP
.I sig-genalg
Key-generation algorithm for signing key. Default depends on
@@
-221,6
+282,7
@@
ecdsa ec
eckcdsa ec
_
.TE
eckcdsa ec
_
.TE
+.ne 8
.TP
.I sig-param
Signature-key generation parameters. Default depends on
.TP
.I sig-param
Signature-key generation parameters. Default depends on