X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/67bb121fe7f962872421d0b8a16953ade26bfb43..07bdda1fdf877d00dd63d53ebd5159b5edd1df29:/keys/tripe-keys.conf.5.in?ds=sidebyside

diff --git a/keys/tripe-keys.conf.5.in b/keys/tripe-keys.conf.5.in
index b6bc6eb6..ee67e9a3 100644
--- a/keys/tripe-keys.conf.5.in
+++ b/keys/tripe-keys.conf.5.in
@@ -214,7 +214,8 @@ Additional attributes to set on the parameters
 as
 .IB key = value
 pairs separated by spaces.
-Default is empty.
+Default is
+.BR serialization=constlen .
 .TP
 .I kx-expire
 Expiry time for generated keys.  Default is
@@ -224,6 +225,10 @@ Expiry time for generated keys.  Default is
 Hashing algorithm to use.  Default is
 .BR sha256 .
 .TP
+.I bulk
+The bulk crypto transform to use.
+Default is
+.BR iiv .
 .I mac
 Message authentication algorithm to use.  Default is
 .IB hash -hmac/ halfhashlen \fR,
@@ -237,27 +242,31 @@ output length.
 Mask-generation algorithm to use.  Default is
 .IB hash -mgf \fR.
 This is probably a good choice.
+.ne 6
 .TP
 .I cipher
 Symmetric encryption scheme to use.  Default is
 .BR rijndael-cbc .
+.ne 6
 .TP
 .I sig
 Signature scheme to use.  Must be one of those recognized by
 .BR catsign (1).
-Default is
-.B dsa
-if
-.I kx
-is
-.BR dh ,
-or
-.B ecdsa
-if
+Default depends on
 .I kx
-is
-.BR ec .
-.ne 10
+as follows.
+.TS
+center;
+| ci | ci |
+| lb | lb |.
+_
+kx	sig
+_
+dh	dsa
+ec	ecdsa
+_
+.TE
+.ne 12
 .TP
 .I sig-genalg
 Key-generation algorithm for signing key.  Default depends on
@@ -276,9 +285,11 @@ rsapcs1	rsa
 rsapss	rsa
 ecdsa	ec
 eckcdsa	ec
+ed25519	ed25519
+ed448	ed448
 _
 .TE
-.ne 8
+.ne 10
 .TP
 .I sig-param
 Signature-key generation parameters.  Default depends on
@@ -295,6 +306,8 @@ dh	\-LS \-b3072 \-B256
 dsa	\-b3072 \-B256
 rsa	\-b3072
 ec	\-Cnist-p256
+ed25519	\fInone
+ed448	\fInone
 _
 .TE
 .TP