From 3e5bd142280ed1072db361600e1b6b4fabf60439 Mon Sep 17 00:00:00 2001
From: Fabio Scotoni <34964387+fscoto@users.noreply.github.com>
Date: Tue, 24 Mar 2020 14:57:40 +0100
Subject: [PATCH] curve_to_hidden: Note it is intended for ephemeral only

---
 doc/man/man3/crypto_curve_to_hidden.3monocypher | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/doc/man/man3/crypto_curve_to_hidden.3monocypher b/doc/man/man3/crypto_curve_to_hidden.3monocypher
index b1abe7e..662e6e5 100644
--- a/doc/man/man3/crypto_curve_to_hidden.3monocypher
+++ b/doc/man/man3/crypto_curve_to_hidden.3monocypher
@@ -82,6 +82,8 @@ This is of interest for key exchange protocols that require
 indistinguishability from randomness, such as padded uniform random
 blobs (PURBs) and exponential blinding in oblivious pseudo-random
 functions (OPRFs).
+They are intended for ephemeral (short-lived, possibly just one-time)
+X25519 keys, not for long-term public keys.
 This is an
 .Em advanced feature
 \(en unless you are implementing an protocol that requires
-- 
2.47.3