Allow admin clients to filter out async messages. Send notifications

[tripe] / doc / tripe.8

diff --git a/doc/tripe.8 b/doc/tripe.8
index b6da8d814a32d3bfbca123203f0cf0932eaccca6..373271a7440920e78e8292fefea0f0a0fa288265 100644 (file)
--- a/doc/tripe.8
+++ b/doc/tripe.8
@@ -148,6 +148,11 @@ version number to standard output and exits with status 0.
 .B "\-u, \-\-usage"
 Writes a brief usage summary to standard output and exits with status 0.
 .TP
+.B "\-\-tunnel"
+Writes a string to standard output describing the configured tunnelling
+method and exits with status 0.  This is intended for the use of the
+start-up script, so that it can check that it will actually work.
+.TP
 .B "\-D, \-\-daemon"
 Dissociates from its terminal and starts running in the background after
 completing the initialization procedure described above.  If running as
@@ -444,6 +449,34 @@ Now start
 with the
 .B \-ttripe\-ec
 option, and all should be well.
+.SS "Using other symmetric algorithms"
+The default symmetric algorithms
+.B tripe
+uses are Blowfish (by Schneier) for symmetric encryption, and RIPEMD-160
+(by Dobbertin, Bosselaers and Preneel) for hashing and as a MAC (in HMAC
+mode, designed by Bellare, Canetti and Krawczyk).  These can all be
+overridden by setting attributes on your private key, as follows.
+.TP
+.B cipher
+Names the symmetric encryption scheme to use.  The default is
+.BR blowfish\-cbc .
+.TP
+.B hash
+Names the hash function to use.  The default is
+.BR rmd160 .
+.TP
+.B mac
+Names the message authentication code to use.  The name of the MAC may
+be followed by a
+.RB ` / '
+and the desired tag length in bits.  The default is
+.IB hash \-hmac
+at half the underlying hash function's output length.
+.TP
+.B mgf
+A `mask-generation function', used in the key-exchange.  The default is
+.IB hash \-mgf
+and there's no good reason to change it.
 .SS "About the name"
 The program's name is
 .BR tripe ,