DKIM: move ed25519_privkey_pem_to_pubkey_raw_b64 to src/util/ and add usage notes to docs

author: Jeremy Harris <jgh146exb@wizmail.org> 2018-03-24 15:19:27 +0000
committer: Jeremy Harris <jgh146exb@wizmail.org> 2018-03-25 13:40:17 +0100
commit: 2a9d222af6d22606b62557b74e41b6e0e583edf8 (patch)
tree: 82af666312f569673e8f47d540622e397e10c4d3 /doc
parent: b8444b382f1b4fa31bf975295ade3a29d616ed9e (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 67ade7b04..726f3af8a 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -38946,6 +38946,20 @@ As they are a recent development, users should consider dual-signing
 for some transition period.
 The "_CRYPTO_SIGN_ED25519" macro will be defined if support is present
 for EC keys.
+
+As of writing, producing EC key materials is not well supported
+by the major libraries.  GnuTLS 3.6.0 can create a private key:
+.code
+certtool --generate-privkey --key-type=ed25519 --outfile=dkim_ed25519.private
+.endd
+
+To help in producing the required public key value for a DNS record
+the release package &_util/_& directory contains source for a utility
+buildable with GnuTLS 3.6.0;
+use it like this:
+.code
+ed25519_privkey_pem_to_pubkey_raw_b64 dkim_ed25519.private
+.endd
 .wen
 
 .option dkim_hash smtp string&!! sha256
author	Jeremy Harris <jgh146exb@wizmail.org>	2018-03-24 15:19:27 +0000
committer	Jeremy Harris <jgh146exb@wizmail.org>	2018-03-25 13:40:17 +0100
commit	2a9d222af6d22606b62557b74e41b6e0e583edf8 (patch)
tree	82af666312f569673e8f47d540622e397e10c4d3 /doc
parent	b8444b382f1b4fa31bf975295ade3a29d616ed9e (diff)