+.\" Man page for secnet.
+.\"
+.\" See the secnet.git README, or the Debian copyright file, for full
+.\" list of copyright holders.
+.\"
+.\" secnet is free software; you can redistribute it and/or modify it
+.\" under the terms of the GNU General Public License as published by
+.\" the Free Software Foundation; either version 3 of the License, or
+.\" (at your option) any later version.
+.\"
+.\" secnet is distributed in the hope that it will be useful, but
+.\" WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+.\" General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public License
+.\" version 3 along with secnet; if not, see
+.\" https://www.gnu.org/licenses/gpl.html.
.TH secnet 8
.SH NAME
Configuration file key defining active sites.
The default is \fBsites\fR.
+.SH "CAPABILITY NEGOTIATION"
+Sites negotiate with each other during key exchange
+in order to determine which cryptographic algorithms and other features
+\(en termed
+.I capabilities
+\(en
+they each support.
+Capabilities are assigned small integer numbers.
+In many cases,
+capability numbers can be assigned in the configuration file,
+as described below;
+but secnet's default assignments will often be satisfactory.
+.PP
+Capability numbers between 0 and 7 inclusive
+are reserved for local use:
+secnet will never make use of them without explicit configuration.
+This may be useful to migrate from one set of parameters
+for a particular cryptographic algorithm
+to different, incompatible, parameters for the same algorithm.
+Other capability numbers are assigned by default
+by various kinds of closures.
+See the descriptions below for details.
+.PP
+It is essential that a capability number mean the same thing
+to each of a pair of peers.
+It's possible to configure a site
+so that it uses different capability numbers for the same feature
+when it communicates with different peer sites,
+but this is likely to be more confusing than useful.
+
.SH "CONFIGURATION FILE"
.SS Overview
The default configuration file is \fI/etc/secnet/secnet.conf\fR.
If \fBtrue\fR (the default) then check if \fIp\fR is prime.
.PP
A \fIdh closure\fR defines a group to be used for key exchange.
-The same group must be used by all sites in the VPN.
.SS logfile
\fBlogfile(\fIDICT\fB)\fR => \fIlog closure\fR
Read the contents of the file \fIPATH\fR (a string) and return it as a string.
.SS eax-serpent
-\eax-fBserpent(\fIDICT\fB)\fR => \fItransform closure\fR
+\fBeax-serpent(\fIDICT\fB)\fR => \fItransform closure\fR
.PP
Valid keys in the \fIDICT\fR argument are:
.TP
.B padding-rounding
Messages are padded to a multiple of this many bytes. This
serves to obscure the exact length of messages. The default is 16,
+.TP
+.B capab-num
+The capability number to use when advertising this
+transform. The default for serpent-eax is 9.
.PP
A \fItransform closure\fR is a reversible means of transforming
messages for transmission over a (presumably) insecure network.
.SS serpent256-cbc
\fBserpent256-cbc(\fIDICT\fB)\fR => \fItransform closure\fR
.PP
+This transform
+is deprecated as its security properties are poor; it should be
+specified only alongside a better transform such as eax-serpent.
+.PP
Valid keys in the \fIDICT\fR argument are:
.TP
+.B capab-num
+As above. The default for serpent256-cbc is 8.
+.TP
.B max-sequence-skew
As above.
.PP
The key used to verify the peer's identity.
.TP
.B transform
-A \fItransform closure\fR.
-Used to protect packets exchanged with the peer.
+One or more \fItransform closures\fR.
+Used to protect packets exchanged with the peer. These should
+all have distinct \fBcapab-num\fR values, and the same \fBcapab-num\fR
+value should have the same (or a compatible) meaning at both
+ends. The list should be in order of preference, most preferred
+first. (The end which sends MSG1,MSG3 ends up choosing; the ordering
+at the other end is irrelevant.)
.TP
.B dh
A \fIdh closure\fR.