From f110c617c706e3a0b21daf29802e44668e202740 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Sun, 21 Aug 2016 15:40:34 -0400
Subject: Split out certificate creation; handle verification properly.

---
 README.md | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'README.md')

diff --git a/README.md b/README.md
index 0943cb1..bc647a5 100644
--- a/README.md
+++ b/README.md
@@ -31,13 +31,18 @@ useful things with those keys.
 * `delete-keys.sh` uses `pkcs11-tool` to delete the keys which
   `create-keys.sh` created.
 
+* `issue-certificates.sh` generates a small X.509v3 certificate tree.
+  As a sanity check, it also verifies the issued certificates.
+  This depends on the keys created by `create-keys.sh`.
+
 * `basic-signature.sh` performs a basic hash-and-sign of a data file
   using the `openssl dgst` command, writing a detached signature out
   as a binary file.  As a sanity check, it also verifies the resulting
-  signature using the corresponding public key.
+  signature using the public key extracted from the corresponding
+  certificate (so this depends on `issue-certificates.sh`).
 
-* `smime-signature.sh` generates a small X.509v3 certificate tree and
-  uses that to generate a signed S/MIME message.
+* `smime-signature.sh` generates and verifies a signed S/MIME message;
+  this also depends on `issue-certificates.sh`.
 
 ## References and notes
 
-- 
cgit v1.2.3