changelog: document changes since 0.6.0

[secnet.git] / README

diff --git a/README b/README
index 8c7e214631077a3327759f5c1d5232dd6326dd7c..200da3742ba9ef91d7b4c81273c22184e02883ca 100644 (file)
--- a/README
+++ b/README
@@ -399,12 +399,10 @@ site: dict argument
   port (integer): mandatory if 'address' is specified: the port used
     to contact our peer
   peer-keys (string): path (prefix) for peer public key set file(s);
-    see README.make-secnet-sites re `pub' etc.
+    see README.make-secnet-sites re `pub' etc. and NOTES.peer-keys.
   key (sigpubkey closure): our peer's public key (obsolete)
   transform (transform closure): how to mangle packets sent between sites
   dh (dh closure)
-  hash (hash closure): used for keys whose algorithm (or public
-    or private key file) does not imply the hash function
   key-lifetime (integer): max lifetime of a session key, in ms
     [one hour; mobile: 2 days]
   setup-retries (integer): max number of times to transmit a key negotiation
@@ -577,6 +575,15 @@ priv-cache: dict argument
   privkey-max (integer): optional, maximum size of private key
     file in bytes. [4095]
 
+** pubkeys
+
+Defines:
+  make-public (closure => sigpubkey closure)
+
+make-public: (
+  arg1: sigscheme name
+  arg2: base91s encoded public key data, according to algorithm
+
 ** rsa
 
 Defines:
@@ -597,6 +604,11 @@ rsa-public: string,string
   arg1: encryption key (decimal)
   arg2: modulus (decimal)
 
+The sigscheme is hardcoded to use sha1.  Both rsa-private and
+rsa-public look for the following config key in their context:
+  hash (hash closure): hash function [sha1]
+
+
 ** dh
 
 Defines: