author Rob Austein <sra@hactrn.net> 2009-07-22 00:27:41 +0000
committer Rob Austein <sra@hactrn.net> 2009-07-22 00:27:41 +0000
commit fee81dc58a5d1e75a8d580a91f13cfcdf0ff594f
tree 096e33130a497def62cddab04d8014895c6b5dbe
parent 381da7511b78e726db49e5807ceb816160a1cfd8
More lame doc
svn path=/myrpki/README; revision=2661
-rw-r--r-- myrpki/README 85
1 files changed, 82 insertions, 3 deletions
diff --git a/myrpki/README b/myrpki/README
index 71752703..66b71f4d 100644
--- a/myrpki/README
+++ b/myrpki/README
@@ -82,10 +82,89 @@ library understands. By default, they're in tab-delimited format
(because the author finds that much easier to read than
comma-delimited format), but this can be changed to fit local needs.
-[Insert doc on all the individual csv files here]
+A number of the fields in the config or CSV files involve
+certificates. Some of these are built automatically, others must be
+imported so that the scripts can cross-certify them. The certificates
+you need to import are all self-signed BPKI certs generated by other
+entities, you import them by specifying the name of a file where you
+stored the BPKI certificate in question (in OpenSSL "PEM" format).
-[Insert doc on myrpki.conf parameters here, at least the ones that we
-expect users to edit -- also need to comment that file, extensively]
+Keep reading, and don't panic.
+
+The default config file name is myrpki.conf.
+
+
+===
+
+
+(Current) content of the [myrpki] section of the config file:
+
+- handle Handle of this entity, used in left-right and
+ publication protocols, etc. You need to set
+ this one. Syntax is an identifier (letters,
+ digits, hyphen, underscore -- no whitespace or
+ funny characters).
+
+- repository_bpki_certificate
+ Where to find the repository's BPKI
+ certificate, so we can cross certify it.
+ You'll need to set this.
+
+
+- roa_csv Names of various CSV files, ok as-is
+ children_csv
+ parents_csv
+ prefix_csv
+ asn_csv
+
+- xml_filename Name of XML input/output file, ok as-is
+
+- bpki_directory Where this entity's BPKI CA should live,
+ ok as-is
+
+===
+
+(Current) content of the [myirbe] section of the config file:
+
+- irdbd_conf Where to find the config file for irdbd. It's
+ ok for this to loop back to the same config
+ file (ie, for the value of this parameter to
+ be myrpki.conf); it's a separate parameter
+ because the [irdbd] config section contains an
+ SQL password, which you might want hidden.
+
+- rpkid_ca_directory Directories for several CAs, ok as-is
+ pubd_ca_directory
+ rootd_ca_directory
+
+- rsync_base rsync:// URI to use as base of publication
+ space.
+
+- pubd_base https:// URL base for contacting pubd
+
+- rpkid_base https:// URL base for contacting rpkid
+
+
+===
+
+
+CSV file formats:
+
+- roas: <prefix>/<length>-<maxlength> <asn>
+
+- children: <child_handle> <validitydate> <bpki_cert_filename>
+
+- prefix: <child_handle> <prefix>/<length>
+
+- asn: <child_handle> <asn>
+
+- parent: <parent_handle> <service_uri> <cms_bpki_cert_filename> <https_bpki_cert_filename>
+
+
+===
+
+
+[Still need to doc [myirbe] parameters, and need better BPKI doc]
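Review bot: The irdbd_conf entry says the [irdbd] section holds an SQL password "which you might want hidden", but it also says it is fine for irdbd_conf to point back at myrpki.conf, and it never tells the reader how to do the hiding. Suggest stating the recommended setup outright: either keep [irdbd] in a separate file readable only by the account that runs irdbd, or say that myrpki.conf itself must have restricted permissions when the sections share a file. In the opening paragraph, the imported certificates are described as self-signed BPKI certs generated by other entities, so the text should also say that the operator has to confirm each file's origin out of band before it is cross-certified, since nothing in a self-signed certificate does that for them. Smaller points: the CSV format list uses "roas" and "parent" where the [myrpki] section names the files roa_csv and parents_csv, the <validitydate> field has no stated format, the formats are shown space-separated although the context above says tab-delimited is the default, and the closing note still lists the [myirbe] parameters as undocumented even though this hunk documents them.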