X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/b4303459d26e142b1fdcd77501adfbe17ed98076..b86e6f3fab7736f9f70131be1c48434d377a4ae0:/keys/tripe-keys.conf.5.in

diff --git a/keys/tripe-keys.conf.5.in b/keys/tripe-keys.conf.5.in
index ecc6344d..0b488f07 100644
--- a/keys/tripe-keys.conf.5.in
+++ b/keys/tripe-keys.conf.5.in
@@ -117,6 +117,13 @@ default.  Usually set up automatically.
 Additional options for generating master keys.  Default is
 .RB ` -l '.
 .TP
+.I master-attrs
+Additional attributes to set on the master key,
+as
+.IB key = value
+pairs separated by spaces.
+Default is empty.
+.TP
 .I hk-master
 The fingerprint of the current master signing key.  No default.  Usually
 set up automatically.
@@ -141,6 +148,47 @@ or
 .B ec
 (elliptic curves).  The default is
 .BR dh .
+.ne 7
+.TP
+.I kx-genalg
+Key generation algorithm name to pass to
+.B "key add"
+when generating keys.
+Default depends on
+.I kx
+as follows.
+.TS
+center;
+| ci | ci |
+| lb | lb |.
+_
+kx	kx-genalg
+_
+dh	dh
+ec	ec
+_
+.TE
+.ne 7
+.TP
+.I kx-param-genalg
+Key generation algorithm name to pass to
+.B "key add"
+when generating the parameters key.
+Default depends on
+.I kx
+as follows.
+.TS
+center;
+| ci | ci |
+| lb | lb |.
+_
+kx	kx-param-genalg
+_
+dh	dh-param
+ec	ec-param
+_
+.TE
+.ne 7
 .TP
 .I kx-param
 Options to pass to
@@ -160,6 +208,14 @@ ec	\-Cnist-p256
 _
 .TE
 .TP
+.I kx-attrs
+Additional attributes to set on the parameters
+(and therefore copied to peer keys),
+as
+.IB key = value
+pairs separated by spaces.
+Default is empty.
+.TP
 .I kx-expire
 Expiry time for generated keys.  Default is
 .BR "now + 1 year" .
@@ -181,26 +237,31 @@ output length.
 Mask-generation algorithm to use.  Default is
 .IB hash -mgf \fR.
 This is probably a good choice.
+.ne 6
 .TP
 .I cipher
 Symmetric encryption scheme to use.  Default is
 .BR rijndael-cbc .
+.ne 6
 .TP
 .I sig
 Signature scheme to use.  Must be one of those recognized by
 .BR catsign (1).
-Default is
-.B dsa
-if
-.I kx
-is
-.BR dh ,
-or
-.B ecdsa
-if
+Default depends on
 .I kx
-is
-.BR ec .
+as follows.
+.TS
+center;
+| ci | ci |
+| lb | lb |.
+_
+kx	sig
+_
+dh	dsa
+ec	ecdsa
+_
+.TE
+.ne 10
 .TP
 .I sig-genalg
 Key-generation algorithm for signing key.  Default depends on
@@ -221,6 +282,7 @@ ecdsa	ec
 eckcdsa	ec
 _
 .TE
+.ne 8
 .TP
 .I sig-param
 Signature-key generation parameters.  Default depends on