From 92385288ff477cd3ac297be8dbc2763f802e0273 Mon Sep 17 00:00:00 2001 From: Jameson Rollins Date: Sat, 16 Jan 2010 13:49:29 -0500 Subject: [PATCH] some improvements to man pages --- man/man1/monkeysphere.1 | 4 +++- man/man7/monkeysphere.7 | 28 ++++++++++++++++++---------- 2 files changed, 21 insertions(+), 11 deletions(-) diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 index c5296ec..e725aa5 100644 --- a/man/man1/monkeysphere.1 +++ b/man/man1/monkeysphere.1 @@ -13,7 +13,9 @@ monkeysphere - Monkeysphere client user interface \fBMonkeysphere\fP is a framework to leverage the OpenPGP web of trust for OpenSSH and TLS key-based authentication. OpenPGP keys are tracked via GnuPG, and added to the authorized_keys and known_hosts -files used by OpenSSH for connection authentication. +files used by OpenSSH for connection authentication. Monkeysphere can +also be used by a monkeysphere validation agent to validate TLS +connections on the web. \fBmonkeysphere\fP is the Monkeysphere client utility. diff --git a/man/man7/monkeysphere.7 b/man/man7/monkeysphere.7 index f5a2371..775826e 100644 --- a/man/man7/monkeysphere.7 +++ b/man/man7/monkeysphere.7 @@ -7,10 +7,12 @@ Trust .SH DESCRIPTION -\fBMonkeysphere\fP is a framework to leverage the OpenPGP Web of Trust -for ssh authentication. OpenPGP keys are tracked via GnuPG, and added -to the authorized_keys and known_hosts files used by ssh for -connection authentication. +\fBMonkeysphere\fP is a framework to leverage the OpenPGP web of trust +for OpenSSH and TLS key-based authentication. OpenPGP keys are +tracked via GnuPG, and added to the authorized_keys and known_hosts +files used by OpenSSH for connection authentication. Monkeysphere can +also be used by a monkeysphere validation agent to validate TLS +connections on the web. .SH IDENTITY CERTIFIERS @@ -44,10 +46,9 @@ address in the User ID). .SH KEY ACCEPTABILITY -During known_host and authorized_keys updates, the monkeysphere -commands work from a set of user IDs to determine acceptable keys for -ssh authentication. OpenPGP keys are considered acceptable if the -following criteria are met: +The monkeysphere commands work from a set of user IDs to determine +acceptable keys for ssh and TLS authentication. OpenPGP keys are +considered acceptable if the following criteria are met: .TP .B capability The key must have the `authentication' (`a') usage flag set. @@ -61,8 +62,15 @@ The relevant user ID must be signed by a trusted identity certifier. .SH HOST IDENTIFICATION -The OpenPGP keys for hosts have associated user IDs that use the ssh -URI specification for the host, i.e. `ssh://host.full.domain[:port]'. +The OpenPGP keys for hosts have associated `service names` (OpenPGP +user IDs) that are based on URI specifications for the service. Some +examples: +.TP +.B ssh: +ssh://host.full.domain[:port] +.TP +.B https: +https://host.full.domain[:port] .SH AUTHOR -- 2.25.1