Use age for encryption, it is simpler

[zeasypki.git] / README

diff --git a/README b/README
index 344b3d5fda922152b9ae5b838acdf716371ff519..745f2a93286031c12396480d9abeee4f9ca8169d 100644 (file)
--- a/README
+++ b/README
@@ -1,17 +1,16 @@
 zeasypki -- easy PKI
 This is helper script for managing X.509 TLS PKI.
 
-ECDSA keypairs are handled with GnuTLS'es certtool.
-GOST keypairs are handled with PyGOST'es utilities
-(http://www.pygost.cypherpunks.ru).
+ECDSA and EdDSA keypairs are handled with GnuTLS'es certtool.
+GOST keypairs are handled with GoGOST'es utilities
+(http://www.gogost.cypherpunks.ru).
 
 CA certificates have 10 years validity lifetime.
 EE certificates have 365 days one.
-EE certificates contain only domain name and a country.
+EE certificates contain only domain name and optionally a country.
 
-Edit zeasypki to suit your needs and working environment. Probably you
-want to change goston(), that activates PyGOST venv and key encryption
-procedures.
+Edit zeasypki to suit your needs and working environment. Probably you want
+to change path-variable setting, that points to GoGOST'es built utilities.
 
 * Create CA keypairs:
     $ mkdir mypki && cd mypki
@@ -28,7 +27,7 @@ procedures.
 
 * Optionally encrypt them (that also can be done with EE keypairs too):
     $ zeasypki encrypt ca/ecdsa/ecdsa-root.com
-    [GnuPG is invoked here]
+    [age is invoked here]
     $ print ca/ecdsa/ecdsa-root.com/*
     cer.pem
     key.pem.enc