rsa_keycap -- sample key descriptions file. Each key entry contains these fields: key name : a unique key identifier currently constructed by concatenating abbreviations for client type , author, and binary architecture. client type : (ct=) a string identifying the client type creator : (cr=) the email address of the author or person who compiled the binary and created the RSA key. creation data : (cd=) the creation date. architecture : (ar=) binary architecture comments : (cm=) any additional comments such as ftp sites, compilation details, etc. global key : (gk=) global key in hex. public key : (pk=) public key in hex. A sample key: bronco-trown-hp300:ct=Bronco Vanilla:cr=trown@ecst.csuchico.edu:\ :cd=Oct. 1992:ar=HP9000/300 series / HPUX 8.0:\ :cm=reserved.c blessed:\ :gk=eda48a85695c1f9dad35f60598e502d89f75ae12f84db32098ed3385c8c61f26:\ :pk=d1f983bd8b57649217867e3a1c280c05b1bda927247ac7341d521987d4451518: Note: If you are creating an RSA key, use Sam Shen's mkkey utility which generates the keys, rsa-client.c, and outputs a key entry in the above format. rsa_keycomp.c -- compiles the specified keycap file into the binary .reserved file. cpp symbols: RSA_KEY_EXCLUDE_FILE -- default name of a file containing key names that should be excluded during the compilation. RSA_KEY_FILE -- default output (defined in ntserv's defs.h) Both these files can be specified on the command line with -e and -o respectively. The -c option is provided mainly for the update daemon to make a list of new keys that the server admin can check easily and quickly. The scenario for use is as follows: The ascii keycap file is downloaded from the metaserver. rsa_keycomp is then used to compile the file into the binary reserved file. If the server admin wishes to exclude any keys, he must know beforehand the key name and add it to the exclude file. rsa_key2cap.c -- takes a binary key file containing only global and public keys, prompts for additional fields, and writes a key description to standard output suitable for inclusion in the keycap file. This is provided for backward compatibility with binary key files.