games/mix: document -g option, rename tests to examples as it is in the man page

[plan9front.git] / sys / man / 6 / authsrv

diff --git a/sys/man/6/authsrv b/sys/man/6/authsrv
index 96c36cea4cfd01b07fcb40f0b7d61fd7a88553cc..7e803849e8509c254b18aea6f331dc61d429af9d 100644 (file)
--- a/sys/man/6/authsrv
+++ b/sys/man/6/authsrv
@@ -284,6 +284,10 @@ proving to the client that it also knows
 .I Kn
 and therefore 
 .I Ks .
+.PP
+The 64-bit shared secret
+.I Kn
+is used as the session secret.
 .SS "Password authenticated key exchange"
 Initially, the server and client keys
 .I Ks
@@ -527,7 +531,7 @@ and contributes its random string
 .IR RNs
 for the session secret.
 .PP
-The 2048-bit session secret is derived with a PRF hashing the
+The 2048-bit session secret is derived with HKDF-SHA256 hashing the
 concatenated random strings
 .IR RNc | RNs
 with the the shared secret key
@@ -586,16 +590,16 @@ authentication files
 and
 .IR attach (5)).
 Other services, such as
-.IR cpu (1)
+.IR cpu (1),
+.IR exportfs (4)
 and
-.IR exportfs (4),
+.IR tlssrv (8)
 run
 .I p9any
-over the network and then 
-use
-.I Kn
-to derive an
+over the network and then use the session secret to derive an
 .IR ssl (3)
+or
+.IR tls (3)
 key to encrypt the rest of their communications.
 .SS "Password Change
 Users connect directly to the AS
@@ -759,7 +763,7 @@ This protocol allows the use of
 handheld authenticators such as SecureNet
 keys and SecureID tokens
 in programs such as
-.IR ssh (1)
+.I telnetd
 and
 .I ftpd
 (see