diff options
| author | Jameson Rollins <jrollins@finestructure.net> | 2010-01-16 13:49:29 -0500 |
|---|---|---|
| committer | Jameson Rollins <jrollins@finestructure.net> | 2010-01-16 13:49:29 -0500 |
| commit | 92385288ff477cd3ac297be8dbc2763f802e0273 (patch) | |
| tree | e69b72b122f26bc79e3489a7b4ee8d6144d7c133 /man | |
| parent | 22a89e59d5c106ae9c6ef4ed881ea739dc06d3da (diff) | |
some improvements to man pages
Diffstat (limited to 'man')
| -rw-r--r-- | man/man1/monkeysphere.1 | 4 | ||||
| -rw-r--r-- | man/man7/monkeysphere.7 | 28 |
2 files changed, 21 insertions, 11 deletions
diff --git a/man/man1/monkeysphere.1 b/man/man1/monkeysphere.1 index c5296ec..e725aa5 100644 --- a/man/man1/monkeysphere.1 +++ b/man/man1/monkeysphere.1 @@ -13,7 +13,9 @@ monkeysphere - Monkeysphere client user interface \fBMonkeysphere\fP is a framework to leverage the OpenPGP web of trust for OpenSSH and TLS key-based authentication. OpenPGP keys are tracked via GnuPG, and added to the authorized_keys and known_hosts -files used by OpenSSH for connection authentication. +files used by OpenSSH for connection authentication. Monkeysphere can +also be used by a monkeysphere validation agent to validate TLS +connections on the web. \fBmonkeysphere\fP is the Monkeysphere client utility. diff --git a/man/man7/monkeysphere.7 b/man/man7/monkeysphere.7 index f5a2371..775826e 100644 --- a/man/man7/monkeysphere.7 +++ b/man/man7/monkeysphere.7 @@ -7,10 +7,12 @@ Trust .SH DESCRIPTION -\fBMonkeysphere\fP is a framework to leverage the OpenPGP Web of Trust -for ssh authentication. OpenPGP keys are tracked via GnuPG, and added -to the authorized_keys and known_hosts files used by ssh for -connection authentication. +\fBMonkeysphere\fP is a framework to leverage the OpenPGP web of trust +for OpenSSH and TLS key-based authentication. OpenPGP keys are +tracked via GnuPG, and added to the authorized_keys and known_hosts +files used by OpenSSH for connection authentication. Monkeysphere can +also be used by a monkeysphere validation agent to validate TLS +connections on the web. .SH IDENTITY CERTIFIERS @@ -44,10 +46,9 @@ address in the User ID). .SH KEY ACCEPTABILITY -During known_host and authorized_keys updates, the monkeysphere -commands work from a set of user IDs to determine acceptable keys for -ssh authentication. OpenPGP keys are considered acceptable if the -following criteria are met: +The monkeysphere commands work from a set of user IDs to determine +acceptable keys for ssh and TLS authentication. OpenPGP keys are +considered acceptable if the following criteria are met: .TP .B capability The key must have the `authentication' (`a') usage flag set. @@ -61,8 +62,15 @@ The relevant user ID must be signed by a trusted identity certifier. .SH HOST IDENTIFICATION -The OpenPGP keys for hosts have associated user IDs that use the ssh -URI specification for the host, i.e. `ssh://host.full.domain[:port]'. +The OpenPGP keys for hosts have associated `service names` (OpenPGP +user IDs) that are based on URI specifications for the service. Some +examples: +.TP +.B ssh: +ssh://host.full.domain[:port] +.TP +.B https: +https://host.full.domain[:port] .SH AUTHOR |