[tripe] / keys / tripe-keys.conf.5.in

.\" -*-nroff-*-
.\".
.\" Manual for the key-management configuration files
.\"
.\" (c) 2008 Straylight/Edgeware
.\"
.
.\"----- Licensing notice ---------------------------------------------------
.\"
.\" This file is part of Trivial IP Encryption (TrIPE).
.\"
.\" TrIPE is free software; you can redistribute it and/or modify
.\" it under the terms of the GNU General Public License as published by
.\" the Free Software Foundation; either version 2 of the License, or
.\" (at your option) any later version.
.\"
.\" TrIPE is distributed in the hope that it will be useful,
.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
.\" GNU General Public License for more details.
.\"
.\" You should have received a copy of the GNU General Public License
.\" along with TrIPE; if not, write to the Free Software Foundation,
.\" Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
.
.\"--------------------------------------------------------------------------
.so ../common/defs.man \" @@@PRE@@@
.
.\"--------------------------------------------------------------------------
.TH tripe-keys.conf 5tripe "14 September 2005" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
.
.\"--------------------------------------------------------------------------
.SH "NAME"
.
tripe-keys.conf \- configuration file format for tripe-keys
.
.\"--------------------------------------------------------------------------
.SH "DESCRIPTION"
.
The
.B tripe-keys.master
or
.B tripe-keys.conf
file is a simple line-based configuration file read by
.BR tripe-keys (1).
Lines may be empty (consist only of whitespace), be comments (first
non-whitespace character is
.RB ` # ')
or have the form
.IP
.I name
.RB [ = ]
.I value
.PP
A
.I name
consists of alphanumeric characters and hyphens.  Values may contain
substitutions, of the form
.BI ${ name } \fR,
which are replaced by the value assigned to
.IR name .
Many
.IR name s
have significance to the
.B tripe-keys
program: these are described below.  Many have sensible defaults.
.SS "The tripe-keys.master file"
The client configuration file is built by applying substitutions to the
.B tripe-keys.master
file.  The following tokens are substituted:
.TP
.B @MASTER-SEQUENCE@
The sequence number of the most recently-added signing key.
.TP
.B @HK-MASTER@
The fingerprint of the signing key identified by
.BR @MASTER-SEQUENCE@ .
.SS "Master repository parameters"
.TP
.I base-url
The base URL of the key repository (usually with a trailing
.RB ` / ').
Typically, this will be something like
.RB http://www.distorted.org.uk/vpn/ .
No default.
.TP
.I repos-base
The basename for the repository archive.  Default is
.BR tripe-keys.tar.gz .
.TP
.I sig-base
The basename template for repository signatures.  Default is
.BR tripe-keys.sig-<SEQ> .
The
.RB ` <SEQ> '
portion, if any, is replaced by the sequence number of the key which
made the signature.
.TP
.I repos-url
The URL for the key repository tarball.  Default is the concatenation of
.I base-url
and
.IR repos-base .
.TP
.I sig-url
The URL template for key repository signatures.  Default is the
concatenation of
.I base-url
and
.IR sig-base .
.TP
.I master-sequence
The sequence number of the master authority's current signing key.  No
default.  Usually set up automatically.
.TP
.I master-keygen-flags
Additional options for generating master keys.  Default is
.RB ` -l '.
.TP
.I hk-master
The fingerprint of the current master signing key.  No default.  Usually
set up automatically.
.TP
.I upload-hook
A shell command to run by
.B tripe-keys upload
after it has successfully written the
.I repos-file
and
.IR sig-file s.
Default is
.B ": run upload hook"
which does nothing.
.SS "Crypto parameters"
.TP
.I kx
Key-exchange algorithm to use.  Either
.B dh
(integer Diffie-Hellman)
or
.B ec
(elliptic curves).  The default is
.BR dh .
.TP
.I kx-param
Options to pass to
.B "key add"
when generating the parameters key.  Default depends on
.I kx
as follows.
.TS
center;
| ci | ci |
| lb | lb |.
_
kx	kx-param
_
dh	\-LS \-b3072 \-B256
ec	\-Cnist-p256
_
.TE
.TP
.I kx-expire
Expiry time for generated keys.  Default is
.BR "now + 1 year" .
.TP
.I hash
Hashing algorithm to use.  Default is
.BR sha256 .
.TP
.I mac
Message authentication algorithm to use.  Default is
.IB hash -hmac/ halfhashlen \fR,
where
.I halfhashlen
is half of
.IR hash 's
output length.
.TP
.I mgf
Mask-generation algorithm to use.  Default is
.IB hash -mgf \fR.
This is probably a good choice.
.TP
.I cipher
Symmetric encryption scheme to use.  Default is
.BR blowfish-cbc .
.TP
.I sig
Signature scheme to use.  Must be one of those recognized by
.BR catsign (1).
Default is
.B dsa
if
.I kx
is
.BR dh ,
or
.B ecdsa
if
.I kx
is
.BR ec .
.TP
.I sig-genalg
Key-generation algorithm for signing key.  Default depends on
.I sig
as follows.
.TS
center;
| ci | ci |
| lb | lb |.
_
sig	sig-genalg
_
kcdsa	dh
dsa	dsa
rsapcs1	rsa
rsapss	rsa
ecdsa	ec
eckcdsa	ec
_
.TE
.TP
.I sig-param
Signature-key generation parameters.  Default depends on
.I sig-genalg
as follows.
.TS
center;
| ci | ci |
| lb | lb |.
_
sig-genalg	sig-param
_
dh	\-LS \-b3072 \-B256
dsa	\-b3072 \-B256
rsa	\-b3072
ec	\-Cnist-p256
_
.TE
.TP
.I sig-hash
Hash function to use for making signatures.  Default is
.IR hash .
.TP
.I sig-fresh
Oldest time we should consider a signed archive to be fresh.  Default is
.BR always ,
meaning that all signatures are fresh.
.TP
.I sig-expire
Expiry time for master signing key.  Default is
.BR forever .
.TP
.I fingerprint-hash
Hash function to use for key fingerprinting.  Default is
.IR hash .
.SS "Master maintenance parameters"
.TP
.I base-dir
Local base directory for the repository files.  This probably ought to
end in a
.RB ` / '
character.  No default.
.TP
.I repos-file
Filename for local repository tarball.  Default is the concatenation of
.I base-dir
and
.IB repos-base .
.TP
.I sig-file
Template for repository signatures.  Default is the concatenation of
.I base-dir
and
.IR sig-base .
.TP
.I conf-file
Filename for local repository configuration file.  Default is
.IB basedir /tripe-keys.conf \fR.
.TP
.I kx-warn-days
The
.B "tripe-keys check"
command will warn about keys which will in less than
.I kx-warn-days
days.  Default is 28.
.
.\"--------------------------------------------------------------------------
.SH "SEE ALSO"
.
.BR tripe (8),
.BR tripe\-keys (8).
.
.\"--------------------------------------------------------------------------
.SH "AUTHOR"
.
Mark Wooding, <mdw@distorted.org.uk>
.
.\"----- That's all, folks --------------------------------------------------
Commit	Line	Data
060ca767	1	.\" --nroff--
060ca767	2	.\".
fc916a09 MW	3	.\" Manual for the key-management configuration files
	4	.\"
	5	.\" (c) 2008 Straylight/Edgeware
	6	.\"
	7	.
	8	.\"----- Licensing notice ---------------------------------------------------
	9	.\"
	10	.\" This file is part of Trivial IP Encryption (TrIPE).
	11	.\"
	12	.\" TrIPE is free software; you can redistribute it and/or modify
	13	.\" it under the terms of the GNU General Public License as published by
	14	.\" the Free Software Foundation; either version 2 of the License, or
	15	.\" (at your option) any later version.
	16	.\"
	17	.\" TrIPE is distributed in the hope that it will be useful,
	18	.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
	19	.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	20	.\" GNU General Public License for more details.
	21	.\"
	22	.\" You should have received a copy of the GNU General Public License
	23	.\" along with TrIPE; if not, write to the Free Software Foundation,
	24	.\" Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
	25	.
	26	.\"--------------------------------------------------------------------------
e99aedcf	27	.so ../common/defs.man \" @@@PRE@@@
fc916a09 MW	28	.
fc916a09 MW	29	.\"--------------------------------------------------------------------------
0647ba7c	30	.TH tripe-keys.conf 5tripe "14 September 2005" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
fc916a09 MW	31	.
fc916a09 MW	32	.\"--------------------------------------------------------------------------
060ca767	33	.SH "NAME"
fc916a09	34	.
060ca767	35	tripe-keys.conf \- configuration file format for tripe-keys
fc916a09 MW	36	.
fc916a09 MW	37	.\"--------------------------------------------------------------------------
060ca767	38	.SH "DESCRIPTION"
fc916a09	39	.
060ca767	40	The
	41	.B tripe-keys.master
	42	or
	43	.B tripe-keys.conf
	44	file is a simple line-based configuration file read by
	45	.BR tripe-keys (1).
	46	Lines may be empty (consist only of whitespace), be comments (first
	47	non-whitespace character is
	48	.RB ` # ')
	49	or have the form
	50	.IP
	51	.I name
	52	.RB [ = ]
	53	.I value
	54	.PP
	55	A
	56	.I name
	57	consists of alphanumeric characters and hyphens. Values may contain
	58	substitutions, of the form
	59	.BI ${ name } \fR,
	60	which are replaced by the value assigned to
	61	.IR name .
e04c2d50	62	Many
060ca767	63	.IR name s
	64	have significance to the
	65	.B tripe-keys
	66	program: these are described below. Many have sensible defaults.
	67	.SS "The tripe-keys.master file"
	68	The client configuration file is built by applying substitutions to the
	69	.B tripe-keys.master
	70	file. The following tokens are substituted:
	71	.TP
	72	.B @MASTER-SEQUENCE@
	73	The sequence number of the most recently-added signing key.
	74	.TP
	75	.B @HK-MASTER@
	76	The fingerprint of the signing key identified by
	77	.BR @MASTER-SEQUENCE@ .
	78	.SS "Master repository parameters"
	79	.TP
	80	.I base-url
	81	The base URL of the key repository (usually with a trailing
	82	.RB ` / ').
	83	Typically, this will be something like
	84	.RB http://www.distorted.org.uk/vpn/ .
	85	No default.
	86	.TP
	87	.I repos-base
	88	The basename for the repository archive. Default is
	89	.BR tripe-keys.tar.gz .
	90	.TP
	91	.I sig-base
	92	The basename template for repository signatures. Default is
	93	.BR tripe-keys.sig-<SEQ> .
	94	The
	95	.RB ` <SEQ> '
	96	portion, if any, is replaced by the sequence number of the key which
	97	made the signature.
	98	.TP
	99	.I repos-url
	100	The URL for the key repository tarball. Default is the concatenation of
	101	.I base-url
	102	and
	103	.IR repos-base .
	104	.TP
	105	.I sig-url
	106	The URL template for key repository signatures. Default is the
	107	concatenation of
bdbd9326	108	.I base-url
060ca767	109	and
	110	.IR sig-base .
	111	.TP
	112	.I master-sequence
	113	The sequence number of the master authority's current signing key. No
	114	default. Usually set up automatically.
	115	.TP
7858dfa0 MW	116	.I master-keygen-flags
	117	Additional options for generating master keys. Default is
	118	.RB ` -l '.
	119	.TP
060ca767	120	.I hk-master
	121	The fingerprint of the current master signing key. No default. Usually
	122	set up automatically.
b14ccd2f MW	123	.TP
	124	.I upload-hook
	125	A shell command to run by
	126	.B tripe-keys upload
	127	after it has successfully written the
	128	.I repos-file
	129	and
	130	.IR sig-file s.
	131	Default is
	132	.B ": run upload hook"
	133	which does nothing.
060ca767	134	.SS "Crypto parameters"
	135	.TP
	136	.I kx
	137	Key-exchange algorithm to use. Either
e04c2d50	138	.B dh
060ca767	139	(integer Diffie-Hellman)
	140	or
	141	.B ec
	142	(elliptic curves). The default is
	143	.BR dh .
	144	.TP
	145	.I kx-param
	146	Options to pass to
	147	.B "key add"
	148	when generating the parameters key. Default depends on
	149	.I kx
	150	as follows.
	151	.TS
	152	center;
	153	\| ci \| ci \|
	154	\| lb \| lb \|.
	155	_
	156	kx kx-param
	157	_
ca3aaaeb	158	dh \-LS \-b3072 \-B256
060ca767	159	ec \-Cnist-p256
	160	_
	161	.TE
	162	.TP
	163	.I kx-expire
	164	Expiry time for generated keys. Default is
ca3aaaeb	165	.BR "now + 1 year" .
060ca767	166	.TP
	167	.I hash
	168	Hashing algorithm to use. Default is
	169	.BR sha256 .
	170	.TP
	171	.I mac
	172	Message authentication algorithm to use. Default is
	173	.IB hash -hmac/ halfhashlen \fR,
	174	where
	175	.I halfhashlen
	176	is half of
	177	.IR hash 's
	178	output length.
	179	.TP
	180	.I mgf
	181	Mask-generation algorithm to use. Default is
	182	.IB hash -mgf \fR.
	183	This is probably a good choice.
	184	.TP
	185	.I cipher
	186	Symmetric encryption scheme to use. Default is
	187	.BR blowfish-cbc .
	188	.TP
	189	.I sig
	190	Signature scheme to use. Must be one of those recognized by
	191	.BR catsign (1).
	192	Default is
	193	.B dsa
	194	if
	195	.I kx
	196	is
	197	.BR dh ,
	198	or
	199	.B ecdsa
	200	if
	201	.I kx
	202	is
	203	.BR ec .
	204	.TP
	205	.I sig-genalg
e04c2d50	206	Key-generation algorithm for signing key. Default depends on
060ca767	207	.I sig
	208	as follows.
	209	.TS
	210	center;
	211	\| ci \| ci \|
	212	\| lb \| lb \|.
	213	_
	214	sig sig-genalg
	215	_
	216	kcdsa dh
	217	dsa dsa
	218	rsapcs1 rsa
	219	rsapss rsa
	220	ecdsa ec
	221	eckcdsa ec
	222	_
	223	.TE
	224	.TP
	225	.I sig-param
	226	Signature-key generation parameters. Default depends on
	227	.I sig-genalg
	228	as follows.
	229	.TS
	230	center;
	231	\| ci \| ci \|
	232	\| lb \| lb \|.
	233	_
	234	sig-genalg sig-param
	235	_
ca3aaaeb MW	236	dh \-LS \-b3072 \-B256
	237	dsa \-b3072 \-B256
	238	rsa \-b3072
060ca767	239	ec \-Cnist-p256
	240	_
	241	.TE
	242	.TP
	243	.I sig-hash
	244	Hash function to use for making signatures. Default is
	245	.IR hash .
	246	.TP
	247	.I sig-fresh
	248	Oldest time we should consider a signed archive to be fresh. Default is
	249	.BR always ,
	250	meaning that all signatures are fresh.
	251	.TP
	252	.I sig-expire
	253	Expiry time for master signing key. Default is
	254	.BR forever .
	255	.TP
	256	.I fingerprint-hash
	257	Hash function to use for key fingerprinting. Default is
	258	.IR hash .
	259	.SS "Master maintenance parameters"
	260	.TP
	261	.I base-dir
	262	Local base directory for the repository files. This probably ought to
	263	end in a
	264	.RB ` / '
	265	character. No default.
	266	.TP
	267	.I repos-file
	268	Filename for local repository tarball. Default is the concatenation of
	269	.I base-dir
	270	and
	271	.IB repos-base .
	272	.TP
	273	.I sig-file
ca3aaaeb	274	Template for repository signatures. Default is the concatenation of
060ca767	275	.I base-dir
	276	and
	277	.IR sig-base .
	278	.TP
	279	.I conf-file
	280	Filename for local repository configuration file. Default is
	281	.IB basedir /tripe-keys.conf \fR.
c2f28e4b MW	282	.TP
	283	.I kx-warn-days
	284	The
	285	.B "tripe-keys check"
	286	command will warn about keys which will in less than
	287	.I kx-warn-days
	288	days. Default is 28.
fc916a09 MW	289	.
fc916a09 MW	290	.\"--------------------------------------------------------------------------
060ca767	291	.SH "SEE ALSO"
fc916a09	292	.
060ca767	293	.BR tripe (8),
060ca767	294	.BR tripe\-keys (8).
fc916a09 MW	295	.
fc916a09 MW	296	.\"--------------------------------------------------------------------------
060ca767	297	.SH "AUTHOR"
fc916a09	298	.
060ca767	299	Mark Wooding, <mdw@distorted.org.uk>
fc916a09 MW	300	.
fc916a09 MW	301	.\"----- That's all, folks --------------------------------------------------