1# $OpenBSD: README,v 1.10 2000/09/26 23:28:45 angelos Exp $ 2 3This is release 2.3 of the KeyNote trust management library reference 4implementation (in case you are wondering, there was never an official 1.0 5release). 6 7For details on the KeyNote spec, read RFC 2704, included in this distribution 8(in the doc/ directory). 9 10To build the distribution, just type "./configure" and then "make" or 11"make crypt". To test the distribution, type "make test". The query should 12evaluate to "true" (look at the last line of output). To build without 13crypto support, use "make nocrypto" instead (you still need to run 14"configure"). If you have built crypto support, "make test-sig" will run 15some more tests on the cryptographic algorithms. 16 17A sample application is provided in sample-app.c. To build it, use 18"make test-sample". 19 20Compile tips: 21- You need the SSLeay/OpenSSL library if you compile with crypto 22 (default), version 0.8.1b or later. OpenSSL can be found at: 23 http://www.openssl.org/ 24 25The Makefile creates the libkeynote.a library and the keynote program. 26*** Notice that the 4 programs of previous releases have been folded into one 27 28There is a man page for the library calls (keynote.3) and one for the command 29line tool (keynote.1), in the man/ directory. There is also a man page 30about KeyNote itself (keynote.4) and one about assertion syntax 31(keynote.5) which contain some text from the spec. 32 33To view them, use: 34 35 nroff -mandoc keynote.1 | more 36 nroff -mandoc keynote.3 | more 37 nroff -mandoc keynote.4 | more 38 nroff -mandoc keynote.5 | more 39 40Alternatively, you can just install them in your manpath. If your 41nroff does not support the -mandoc flag, use -man instead. For those 42systems that do not have nroff, the text version of the man pages are 43provided as well (the files with .cat? suffixes in the same directory). 44 45The "keynote verify" function can be used to verify a request, given a 46set of assertions and an environment file. The directory testsuite/ 47has some examples assertions. The "keynote keygen" function can 48be used to generate keys. The "keynote sign" and "keynote sigver" can be 49used to sign assertions, and verify signed assertions respectively. 50 51The file base64.c was taken from the OpenBSD libc and was slightly 52modified. 53 54Read the TODO file to see what's missing (and eventually coming). 55 56When in doubt on how to use a library call (despite the man pages), 57consult the implementation of the various utilities. 58 59For any questions, comments, bug reports, praise, or anything else, 60contact us at keynote@research.att.com 61 62There is also a users mailing list at keynote-users@nsa.research.att.com 63To subscribe, send a message to majordomo@nsa.research.att.com with the word 64"subscribe keynote-users" (without the quotes) in the message body. 65 66Finally, there is a web page for KeyNote at 67 http://www.cis.upenn.edu/~keynote 68 69Angelos D. Keromytis 70