keys/tripe-keys.master: Include a nontrivial `sig-fresh' example.

[tripe] / keys / tripe-keys.conf.5.in

diff --git a/keys/tripe-keys.conf.5.in b/keys/tripe-keys.conf.5.in
index ab4c9e16d6f0e5fa6e69068b1f08c273e9e91c5f..4fc0485a23635590caeba41679e94af52d756291 100644 (file)
--- a/keys/tripe-keys.conf.5.in
+++ b/keys/tripe-keys.conf.5.in
@@ -148,7 +148,7 @@ or
 .B ec
 (elliptic curves).  The default is
 .BR dh .
-.ne 7
+.ne 9
 .TP
 .I kx-genalg
 Key generation algorithm name to pass to
@@ -166,9 +166,11 @@ kx kx-genalg
 _
 dh     dh
 ec     ec
+x25519 x25519
+x448   x448
 _
 .TE
-.ne 7
+.ne 9
 .TP
 .I kx-param-genalg
 Key generation algorithm name to pass to
@@ -186,9 +188,11 @@ kx kx-param-genalg
 _
 dh     dh-param
 ec     ec-param
+x25519 empty
+x448   empty
 _
 .TE
-.ne 7
+.ne 9
 .TP
 .I kx-param
 Options to pass to
@@ -205,8 +209,11 @@ kx kx-param
 _
 dh     \-LS \-b3072 \-B256
 ec     \-Cnist-p256
+x25519 \fInone
+x448   \fInone
 _
 .TE
+.ne 9
 .TP
 .I kx-attrs
 Additional attributes to set on the parameters
@@ -214,8 +221,22 @@ Additional attributes to set on the parameters
 as
 .IB key = value
 pairs separated by spaces.
-Default is
-.BR serialization=constlen .
+Default depends on
+.I kx
+as follows.
+.TS
+center;
+| ci | ci |
+| lb | lb |.
+_
+kx     kx-attrs
+_
+dh     serialization=constlen
+ec     serialization=constlen
+x25519 \fIempty
+x448   \fIempty
+_
+.TE
 .TP
 .I kx-expire
 Expiry time for generated keys.  Default is
@@ -278,7 +299,7 @@ iiv rijndael-cbc
 naclbox        chacha20
 _
 .TE
-.ne 7
+.ne 8
 .TP
 .I sig
 Signature scheme to use.  Must be one of those recognized by
@@ -295,6 +316,8 @@ kx  sig
 _
 dh     dsa
 ec     ecdsa
+x25519 ed25519
+x448   ed448
 _
 .TE
 .ne 12