X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=web%2Fmanual.m4;h=f7071167a62067a9dfbf0c4d594ed49d59a33f0e;hp=3d5bc2ee6327f754b2da031c928c091d8fa049d3;hb=7bf235513ca87b608bdddf6220e284213965e130;hpb=8a61aff04fa2e8860f7fd3969d58d77c0292155a diff --git a/web/manual.m4 b/web/manual.m4 index 3d5bc2ee..f7071167 100644 --- a/web/manual.m4 +++ b/web/manual.m4 @@ -215,11 +215,13 @@ In any case you'll need scripts which run during compilation require the EMPH(Bourne again shell). It is most likely already installed. - - XREFERENCE(http://www.openssl.org/, openssl). The EMPH(Secure - Sockets Layer) library is needed for cryptographic routines - on both the server and the client side. It is usually shipped - with the distro, but you might have to install the "development - package" (called libssl-dev on debian systems) as well. + - XREFERENCE(http://www.openssl.org/, openssl) or + XREFERENCE(ftp://ftp.gnupg.org/gcrypt/libgcrypt/, libgcrypt). + At least one of these two libraries is needed as the backend + for cryptographic routines on both the server and the client + side. Both openssl and libgcrypt are usually shipped with the + distro, but you might have to install the development package + (libssl-dev or libgcrypt-dev on debian systems) as well. - XREFERENCE(ftp://ftp.gnu.org/pub/gnu/help2man, help2man) is used to create the man pages. @@ -527,10 +529,10 @@ as follows: this point on the communication is encrypted using the RC4 stream cipher with the session key known to both peers. -paraslash relies on the quality of openssl's cryptographically strong -pseudo-random bytes, on the security of the implementation of the -openssl RSA and RC4 crypto routines and on the infeasibility to invert -the SHA1 function. +paraslash relies on the quality of the pseudo-random bytes provided +by the crypto library (openssl or libgcrypt), on the security of +the implementation of the RSA and RC4 crypto routines and on the +infeasibility to invert the SHA1 function. Neither para_server or para_client create RSA keys on their own. This has to be done once for each user as sketched in REFERENCE(Quick start,