060ca767 |
1 | # tripe-keys configuration file |
2 | # |
3 | # see tripe-keys.conf(5) for full details |
4 | |
5 | ### File locations (required) |
6 | |
7 | # The base URL for the repository files. Include the trailing slash if |
8 | # necessary. |
9 | # base-url = http://some.server.somewhere/blah/ |
10 | |
11 | # The local directory name for the repository files. Again, include the |
12 | # trailing slash if necessary. |
13 | # base-dir = /some/directory/blah/ |
14 | |
15 | ### Crypto parameters |
16 | |
17 | # The key-exchange type. May be `dh' or `ec'. |
18 | # kx = dh |
19 | |
20 | # Key-generation parameters for key exchange group. |
21 | # kx-param = -LS -b2048 -B256 |
22 | |
23 | # Expiry time for peer key-exchange keys. |
24 | # kx-expire = now + 1 day |
25 | |
26 | # Symmetric encryption scheme to use. |
27 | # cipher = blowfish-cbc |
28 | |
29 | # Hash function to use. (We derive the MGF and MAC from this.) |
30 | # hash = sha256 |
31 | |
32 | # Signature scheme to use for signing/verifying repository archives. |
33 | # sig = dsa |
34 | |
35 | # How recently an archive must have been signed to be valid. |
36 | # sig-fresh = always |
37 | |
38 | # When the signing key expires. We're not good at rolling these over. |
39 | # sig-expire = forever |
40 | |
575e728f |
41 | ### Master key integrity |
060ca767 |
42 | |
43 | # Since the master public key is contained within the repository, we must |
575e728f |
44 | # check its integrity: therefore we record its sequence number and |
45 | # fingerprint here. These are filled in automatically by |
46 | # `tripe-keys upload'. Leave them as they are. |
47 | master-sequence = @MASTER-SEQUENCE@ |
060ca767 |
48 | hk-master = @HK-MASTER@ |