keys/tripe-keys.master: Use correct option for selecting key-exchange curve.

[tripe] / keys / tripe-keys.master

### -*-conf-*-
###
### tripe-keys configuration file
###
### see tripe-keys.conf(5) for full details

###--------------------------------------------------------------------------
### File locations (required).

## The base URL for the repository files.  Include the trailing slash if
## necessary.
# base-url = http://some.server.somewhere/blah/

## The local directory name for the repository files.  Again, include the
## trailing slash if necessary.
# base-dir = /some/directory/blah/

###--------------------------------------------------------------------------
### Crypto parameters.

## The key-exchange type.  May be `dh', `ec', `x25519', or `x448'.
# kx = dh

## Key-generation parameters for key exchange group.
# kx-param = -LS -b3072 -B256
# kx-param = -Cnist-p256
# kx-param =

## Expiry time for peer key-exchange keys.
# kx-expire = now + 1 year

## Bulk crypto transform to use.  May be `v0', `iiv', or `naclbox'.
# bulk = iiv

## Symmetric encryption scheme to use.
# cipher = rijndael-cbc

## Hash function to use.  (We derive the MGF and MAC from this.)
# hash = sha256

## Signature scheme to use for signing/verifying repository archives.
# sig = dsa
# sig = ecdsa
# sig = ed25519

## How recently an archive must have been signed to be valid.
# sig-fresh = always

## When the master signing key expires.
# sig-expire = forever

###--------------------------------------------------------------------------
### Master key integrity

## Since the master public key is contained within the repository, we must
## check its integrity: therefore we record its sequence number and
## fingerprint here.  These are filled in automatically by `tripe-keys
## upload'.  Leave them as they are.
master-sequence = @MASTER-SEQUENCE@
hk-master = @HK-MASTER@