X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=README;h=1d29c551c4e5b78bdeaf47b36e5185e582466bab;hb=9fe002edfab58aac700bb3b5a8ada0f38e3ac5ea;hp=88dd48b6d20693c281dfd663a3d23cb7497d995e;hpb=8db6adcb8cc98608c8e29e2b78b48d68be9dbef0;p=secnet.git

diff --git a/README b/README
index 88dd48b..1d29c55 100644
--- a/README
+++ b/README
@@ -392,15 +392,19 @@ site: dict argument
    them.
   resolver (resolver closure)
   random (randomsrc closure)
-  local-key (rsaprivkey closure)
+  key-cache (privcache closure)
+  local-key (sigprivkey closure): Deprecated; use key-cache instead.
   address (string list): optional, DNS name(s) used to find our peer;
     address literals are supported too if enclosed in `[' `]'.
   port (integer): mandatory if 'address' is specified: the port used
     to contact our peer
-  key (rsapubkey closure): our peer's public key
+  peer-keys (string): path (prefix) for peer public key set file(s);
+    see README.make-secnet-sites re `pub' etc. and NOTES.peer-keys.
+  key (sigpubkey closure): our peer's public key (obsolete)
   transform (transform closure): how to mangle packets sent between sites
   dh (dh closure)
-  hash (hash closure)
+  hash (hash closure): used for keys whose algorithm (or public
+    or private key file) does not imply the hash function
   key-lifetime (integer): max lifetime of a session key, in ms
     [one hour; mobile: 2 days]
   setup-retries (integer): max number of times to transmit a key negotiation
@@ -577,8 +581,8 @@ priv-cache: dict argument
 
 Defines:
   sigscheme algorithm 00 "rsa1"
-  rsa-private (closure => rsaprivkey closure)
-  rsa-public (closure => rsapubkey closure)
+  rsa-private (closure => sigprivkey closure)
+  rsa-public (closure => sigpubkey closure)
 
 rsa1 sigscheme algorithm:
   private key: SSH private key file, version 1, no password