From 5b44a262edc91add8c90bb29284feea3118939ef Mon Sep 17 00:00:00 2001 Message-Id: <5b44a262edc91add8c90bb29284feea3118939ef.1715784224.git.mdw@distorted.org.uk> From: Mark Wooding Date: Sun, 21 Jun 2020 16:08:35 +0100 Subject: [PATCH] keys/tripe-keys.conf.5.in: Typeset parameter names in bold. Organization: Straylight/Edgeware From: Mark Wooding Not sure why I decided to set these in italics when I started. It doesn't make a great deal of sense. --- keys/tripe-keys.conf.5.in | 66 +++++++++++++++++++-------------------- 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/keys/tripe-keys.conf.5.in b/keys/tripe-keys.conf.5.in index ce40baf3..ebdbbd90 100644 --- a/keys/tripe-keys.conf.5.in +++ b/keys/tripe-keys.conf.5.in @@ -76,18 +76,18 @@ The fingerprint of the signing key identified by .BR @MASTER-SEQUENCE@ . .SS "Master repository parameters" .TP -.I base-url +.B base-url The base URL of the key repository (usually with a trailing .RB ` / '). Typically, this will be something like .RB http://www.distorted.org.uk/vpn/ . No default. .TP -.I repos-base +.B repos-base The basename for the repository archive. Default is .BR tripe-keys.tar.gz . .TP -.I sig-base +.B sig-base The basename template for repository signatures. Default is .BR tripe-keys.sig- . The @@ -95,39 +95,39 @@ The portion, if any, is replaced by the sequence number of the key which made the signature. .TP -.I repos-url +.B repos-url The URL for the key repository tarball. Default is the concatenation of .I base-url and .IR repos-base . .TP -.I sig-url +.B sig-url The URL template for key repository signatures. Default is the concatenation of .I base-url and .IR sig-base . .TP -.I master-sequence +.B master-sequence The sequence number of the master authority's current signing key. No default. Usually set up automatically. .TP -.I master-keygen-flags +.B master-keygen-flags Additional options for generating master keys. Default is .RB ` -l '. .TP -.I master-attrs +.B master-attrs Additional attributes to set on the master key, as .IB key = value pairs separated by spaces. Default is empty. .TP -.I hk-master +.B hk-master The fingerprint of the current master signing key. No default. Usually set up automatically. .TP -.I upload-hook +.B upload-hook A shell command to run by .B tripe-keys upload after it has successfully written the @@ -139,7 +139,7 @@ Default is which does nothing. .SS "Crypto parameters" .TP -.I kx +.B kx Key-exchange algorithm to use. Either .B dh (integer Diffie-Hellman) @@ -149,7 +149,7 @@ or .BR dh . .ne 9 .TP -.I kx-genalg +.B kx-genalg Key generation algorithm name to pass to .B "key add" when generating keys. @@ -171,7 +171,7 @@ _ .TE .ne 9 .TP -.I kx-param-genalg +.B kx-param-genalg Key generation algorithm name to pass to .B "key add" when generating the parameters key. @@ -193,7 +193,7 @@ _ .TE .ne 9 .TP -.I kx-param +.B kx-param Options to pass to .B "key add" when generating the parameters key. Default depends on @@ -214,7 +214,7 @@ _ .TE .ne 9 .TP -.I kx-attrs +.B kx-attrs Additional attributes to set on the parameters (and therefore copied to peer keys), as @@ -237,21 +237,21 @@ x448 \fIempty _ .TE .TP -.I kx-expire +.B kx-expire Expiry time for generated keys. Default is .BR "now + 1 year" . .TP -.I hash +.B hash Hashing algorithm to use. Default is .BR sha256 . .TP -.I bulk +.B bulk The bulk crypto transform to use. Default is .BR iiv . .ne 8 .TP -.I mac +.B mac Message authentication algorithm to use. Default depends on .I bulk @@ -275,13 +275,13 @@ is half of .IR hash 's output length.) .TP -.I mgf +.B mgf Mask-generation algorithm to use. Default is .IB hash -mgf \fR. This is probably a good choice. .ne 7 .TP -.I cipher +.B cipher Symmetric encryption scheme to use. Default depends on .I bulk @@ -300,7 +300,7 @@ _ .TE .ne 8 .TP -.I sig +.B sig Signature scheme to use. Must be one of those recognized by .BR catsign (1). Default depends on @@ -321,7 +321,7 @@ _ .TE .ne 12 .TP -.I sig-genalg +.B sig-genalg Key-generation algorithm for signing key. Default depends on .I sig as follows. @@ -344,7 +344,7 @@ _ .TE .ne 10 .TP -.I sig-param +.B sig-param Signature-key generation parameters. Default depends on .I sig-genalg as follows. @@ -364,25 +364,25 @@ ed448 \fInone _ .TE .TP -.I sig-hash +.B sig-hash Hash function to use for making signatures. Default is .IR hash . .TP -.I sig-fresh +.B sig-fresh Oldest time we should consider a signed archive to be fresh. Default is .BR always , meaning that all signatures are fresh. .TP -.I sig-expire +.B sig-expire Expiry time for master signing key. Default is .BR forever . .TP -.I fingerprint-hash +.B fingerprint-hash Hash function to use for key fingerprinting. Default is .IR hash . .SS "Master maintenance parameters" .TP -.I base-dir +.B base-dir Local base directory for the repository files. This probably ought to end in a .RB ` / ' @@ -390,23 +390,23 @@ character. Unexpected files in this directory will be removed by the .B tripe-keys upload command. No default. .TP -.I repos-file +.B repos-file Filename for local repository tarball. Default is the concatenation of .I base-dir and .IB repos-base . .TP -.I sig-file +.B sig-file Template for repository signatures. Default is the concatenation of .I base-dir and .IR sig-base . .TP -.I conf-file +.B conf-file Filename for local repository configuration file. Default is .IB basedir /tripe-keys.conf \fR. .TP -.I kx-warn-days +.B kx-warn-days The .B "tripe-keys check" command will warn about keys which will in less than -- [mdw]