X-Git-Url: https://git.ozlabs.org/?p=ppp.git;a=blobdiff_plain;f=README.eap-tls;h=7895b2b2eaa15c53f70aeca06f52f7dd9c92d4b6;hp=bc1066ed0436db585c5561b8efab9a51437afc40;hb=HEAD;hpb=b2a4275ba78b07a4e47dcefb8c9bf2fd8456184a

diff --git a/README.eap-tls b/README.eap-tls
index bc1066e..025dcfd 100644
--- a/README.eap-tls
+++ b/README.eap-tls
@@ -17,9 +17,11 @@ EAP-TLS authentication support for PPP
     mechanism. It also provides optional encryption using the MPPE
     protocol.
 
-    This patch provide EAP-TLS support to pppd.
-    This authentication method can be used in both client or server
-    mode.
+    EAP-TLS support is included in pppd, and is enabled or disabled
+    at configure time by using the --enable-eaptls and --disable-eaptls
+    arguments to ./configure.
+
+    This authentication method can be used in both client and server mode.
 
 2. Building
 
@@ -134,6 +136,9 @@ EAP-TLS authentication support for PPP
       key <key-file>
         Use the client private key found in <key-file> in PEM format
         or in engine:engine_id format
+      pkcs12 <pkcs12-file>
+        Use a pkcs12 envelope as a substitute for cert and key. A password may be
+        required to use this file. 
       crl <crl-file>
         Use the Certificate Revocation List (CRL) file <crl-file> in PEM format.
       crl-dir <dir>
@@ -147,7 +152,9 @@ EAP-TLS authentication support for PPP
       max-tls-version <1.0|1.1|1.2 (default)|1.3>
         Specify the maximum TLS protocol version to negotiate with peers. Defaults
         to TLSv1.2 as the TLSv1.3 code is experimental.
-      verify-tls-peer <none|subject|name|suffix>
+      tls-verify-key-usage
+        Validate certificate purpose and extended key usage
+      tls-verify-method <none|subject|name|suffix>
         Compare the remotename against the subject, certificate name, or
         match by suffix. Default is 'name'.