The
.B tripe
server uses Diffie\(en\&Hellman key exchange to agree the symmetric keys
-used for bulk data transfer. Currently
-.B tripe
-can do Diffie\(en\&Hellman in two different kinds of cyclic groups:
-.I "Schnorr groups"
-(denoted
-.BR dh )
-and
-.I "elliptic curve groups"
-(denoted
-.BR ec ).
-.PP
-A Schnorr group is a prime-order subgroup of the multiplicative group of
-a finite field; this is the usual
-.I g\*(ssx\*(se
-mod
-.I p
-kind of Diffie\(en\&Hellman. An elliptic curve group is a prime-order
-subgroup of the abelian group of
-.BR K -rational
-points on an elliptic curve defined over a finite field
-.BR K .
-.PP
-Given current public knowledge, elliptic curves can provide similar or
-better security to systems based on integer discrete log problems,
-faster, and with less transmitted data. It's a matter of controversy
-whether this will continue to be the case. The author uses elliptic
-curves.
+used for bulk data transfer.
.PP
The server works out which it should be doing based on the key's
.B kx-group
-attribute, which should be either
-.B dh
-or
-.BR ec .
+attribute.
If this attribute isn't present, then the key's type is examined: if
it's of the form
-.BR tripe\- group
+.BI tripe\- group
then the
.I group
is used. If no group is specified,
.B dh
is used as a fallback.
+The following groups are defined.
+.TP
+.B dh
+.RS
+Use traditional Diffie\(enHellman in a
+.IR "Schnorr group" :
+a prime-order subgroup of the multiplicative group of
+a finite field; this is the usual
+.I g\*(ssx\*(se
+mod
+.I p
+kind of Diffie\(en\&Hellman.
.PP
To create usual Schnorr-group keys, say something like
.VS
key add \-adh \-pparam \-talice \e
\-e"now + 1 year" tripe
.VE
+.RE
+.sv -1
+.TP
+.B ec
+.RS
+Use elliptic curve Diffie\(enHellman.
+An elliptic curve group is a prime-order
+subgroup of the abelian group of
+.BR K -rational
+points on an elliptic curve defined over a finite field
+.BR K .
+.PP
+Given current public knowledge, elliptic curves can provide similar or
+better security to systems based on integer discrete log problems,
+faster, and with less transmitted data. It's a matter of controversy
+whether this will continue to be the case. The author uses elliptic
+curves.
+.PP
To create elliptic curve keys, say something like
.VS
key add \-aec\-param \-Cnist-p256 \-eforever \e
key add \-aec \-pparam \-talice \e
\-e"now + 1 year" tripe
.VE
+.RE
Note that the
.BR tripe-keys (8)
program provides a rather more convenient means for generating and
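Review bot: the added `.sv -1` between the `dh` and `ec` entries has no comment saying why it is needed, and nothing comparable precedes the `dh` entry, so the two list items are spaced by different rules. If it is there to close up the gap left by `.VE` and `.RE`, say so in a roff comment on that line so the next editor does not delete it or copy it blindly. Separately, the new lines write `Diffie\(enHellman` ("Use traditional Diffie\(enHellman in a" and "Use elliptic curve Diffie\(enHellman.") while the retained and moved lines write `Diffie\(en\&Hellman`; pick one spelling and use it throughout. Finally, in the `ec` example the first `key add` line ends in a continuation `\e` and is followed directly by a second `key add`, which as shown would join the two commands; worth checking while this block is being re-indented under `.RS`.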
.TP
.B blkc
Names a block cipher, used by some bulk-crypto transforms (e.g.,
-.BR iiv ). The default is to use the block cipher underlying the chosen
+.BR iiv ).
+The default is to use the block cipher underlying the chosen
.BR cipher ,
if any.
.TP
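Review bot: the `.BR iiv ).` split in the `blkc` entry is a rendering fix unrelated to the key-exchange group restructuring in the rest of the patch, so it should go in its own commit or at least be named in the commit message. On the old line the words of "The default is to use the block cipher underlying the chosen" were passed as further `.BR` arguments, which sets them in alternating bold and roman with no spaces between them; the new form, with the sentence on its own line, is correct. It may be worth checking the other `.BR` and `.BI` lines in this file for the same trailing-text pattern.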