.\" -*- nroff -*-
-.Dd $Mdocdate: January 25, 2009 $
+.Dd $Mdocdate: March 1, 2009 $
.Dt PEM2OPENPGP 1
.Os
.Sh NAME
pem2openpgp
.Nd translate PEM-encoded RSA keys to OpenPGP certificates
.Sh SYNOPSIS
-.Nm pem2openpgp "$USERID" < mykey.pem | gpg --import
+.Nm pem2openpgp "$USERID" < mykey.pem | gpg \-\-import
.Pp
.Nm PEM2OPENPGP_EXPIRATION=$((86400 * $DAYS)) PEM2OPENPGP_USAGE_FLAGS=authentication,certify pem2openpgp "$USERID" <mykey.pem
.Sh DESCRIPTION
.ti 3
\fBPEM2OPENPGP_TIMESTAMP\fP controls the timestamp (measured in
seconds since the UNIX epoch) indicated as the creation time (a.k.a
-"not valid before") of the generated certificate. By default,
+"not valid before") of the generated certificate (self-signature) and
+the key itself. By default,
.Nm
uses the current time.
.Pp
.ti 3
+\fBPEM2OPENPGP_KEY_TIMESTAMP\fP controls the timestamp (measured in
+seconds since the UNIX epoch) indicated as the creation time of just
+the key itself (not the self-signature). By default,
+.Nm
+uses the value from PEM2OPENPGP_TIMESTAMP.
+.Pp
+.ti 3
\fBPEM2OPENPGP_USAGE_FLAGS\fP should contain a comma-separated list of
valid OpenPGP usage flags (see section 5.2.3.21 of RFC 4880 for what
these mean). The available choices are: certify, sign, encrypt_comms,
and this man page were written by Daniel Kahn Gillmor
<dkg@fifthhorseman.net>.
.Sh BUGS
-Only handles RSA keys at the moment. It would be nice to handle DSA
+Only handles RSA keys at the moment. It might be nice to handle DSA
keys as well.
.Pp
Currently only creates certificates with a single User ID. Should be
.Xr monkeysphere 1 ,
.Xr monkeysphere 7 ,
.Xr ssh 1 ,
-.Xr monkeysphere-host 8 ,
-.Xr monkeysphere-authentication 8
+.Xr monkeysphere\-host 8 ,
+.Xr monkeysphere\-authentication 8
projects / monkeysphere.git / blobdiff