site: Update peer keys from ~update file

[secnet.git] / README

diff --git a/README b/README
index c05dc444721daed79f5e5644d8a610b15a97edf9..05b073fd72988c7121db7a1f2a742a546ba24dc5 100644 (file)
--- a/README
+++ b/README
@@ -392,12 +392,15 @@ site: dict argument
    them.
   resolver (resolver closure)
   random (randomsrc closure)
-  local-key (rsaprivkey closure)
+  key-cache (privcache closure)
+  local-key (rsaprivkey closure): Deprecated; use key-cache instead.
   address (string list): optional, DNS name(s) used to find our peer;
     address literals are supported too if enclosed in `[' `]'.
   port (integer): mandatory if 'address' is specified: the port used
     to contact our peer
-  key (rsapubkey closure): our peer's public key
+  peer-keys (string): path (prefix) for peer public key set file(s);
+    see README.make-secnet-sites re `pub' etc.
+  key (rsapubkey closure): our peer's public key (obsolete)
   transform (transform closure): how to mangle packets sent between sites
   dh (dh closure)
   hash (hash closure)
@@ -576,9 +579,15 @@ priv-cache: dict argument
 ** rsa
 
 Defines:
+  sigscheme algorithm 00 "rsa1"
   rsa-private (closure => rsaprivkey closure)
   rsa-public (closure => rsapubkey closure)
 
+rsa1 sigscheme algorithm:
+  private key: SSH private key file, version 1, no password
+  public key: SSH public key file, version 1
+    (length, restrictions, email, etc., ignored)
+
 rsa-private: string[,bool]
   arg1: filename of SSH private key file (version 1, no password)
   arg2: whether to check that the key is usable [default True]