pdnsutil.1: Add Ed25519 and Ed448, document ECC keysizes

diff --git a/docs/manpages/pdnsutil.1.rst b/docs/manpages/pdnsutil.1.rst
index 32bcd72a8eb5abf68802f8de164b049c9e17429e..7af7fd7a01a3759c85f2a3d591bc158c11291e3b 100644 (file)
--- a/docs/manpages/pdnsutil.1.rst
+++ b/docs/manpages/pdnsutil.1.rst
@@ -43,6 +43,8 @@ algorithms are supported:
 -  gost
 -  ecdsa256
 -  ecdsa384
+-  ed25519
+-  ed448
 
 activate-zone-key *ZONE* *KEY-ID*
     Activate a key with id *KEY-ID* within a zone called *ZONE*.
@@ -69,7 +71,9 @@ generate-zone-key {**KSK**,\ **ZSK**} [*ALGORITHM*] [*KEYBITS*]
     Generate a ZSK or KSK to stdout with specified algorithm and bits
     and print it on STDOUT. If *ALGORITHM* is not set, RSASHA512 is
     used. If *KEYBITS* is not set, an appropriate keysize is selected
-    for *ALGORITHM*.
+    for *ALGORITHM*. Each ECC-based algorithm supports only one valid
+    *KEYBITS* value: For GOST, ECDSA256, and ED25519, it is 256; for
+    ECDSA384, it is 384; and for ED448, it is 456.
 import-zone-key *ZONE* *FILE* {**KSK**,\ **ZSK**}
     Import from *FILE* a full (private) key for zone called *ZONE*. The
     format used is compatible with BIND and NSD/LDNS. **KSK** or **ZSK**