diff --git a/kdc/hprop.8 b/kdc/hprop.8 index 61bdb80b1..c02cfd53e 100644 --- a/kdc/hprop.8 +++ b/kdc/hprop.8 @@ -1,6 +1,6 @@ .\" $Id$ .\" -.Dd September 3, 1997 +.Dd June 19, 2000 .Dt HPROP 8 .Os HEIMDAL .Sh NAME 
@@ -9,58 +9,159 @@ propagate the KDC database .Sh SYNOPSIS .Nm -.Op Fl 4DEhnv -.Op Fl d Ar file -.Op Fl -database= Ns Ar file -.Op Fl -decrypt -.Op Fl -encrypt -.Op Fl -help -.Op Fl k -.Op Fl -keytab= Ns Ar file -.Op Fl m Ar file -.Op Fl -master-key= Ns Ar file -.Op Fl -stdout -.Op Fl -v4-db -.Op Fl -verbose +.Oo Fl m Ar file \*(Ba Xo +.Fl -master-key= Ns Pa file Oc +.Xc +.Oo Fl d Ar file \*(Ba Xo +.Fl -database= Ns Pa file Oc +.Xc +.Op Fl -source= Ns Ar heimdal|krb4-db|krb4-dump +.Op Fl 4 | Fl -v4-db +.Op Fl K | Fl -ka-db +.Oo Fl c Ar cell \*(Ba Xo +.Fl -cell= Ns Ar cell Oc +.Xc +.Op Fl S | Fl -kaspecials +.Oo Fl r Ar string \*(Ba Xo +.Fl -v4-realm= Ns Ar string Oc +.Xc +.Oo Fl k Ar keytab \*(Ba Xo +.Fl -keytab= Ns Ar keytab Oc +.Xc +.Oo Fl R Ar string \*(Ba Xo +.Fl -v5-realm= Ns Ar string Oc +.Xc +.Op Fl D | Fl -decrypt +.Op Fl E | Fl -encrypt +.Op Fl n | Fl -stdout +.Oo Fl p Ar integer \*(Ba Xo +.Fl -port= Ns Ar integer Oc +.Xc +.Op Fl v | Fl -verbose .Op Fl -version +.Op Fl h | Fl -help .Ar host ... .Sh DESCRIPTION .Nm -propagates the database from a master KDC to a slave. It connects to -all +takes a principal database in a specified format and converts it into +a stream of Heimdal database records. This stream can either be +written to standard out, or (more commonly) be propagated to a +.Xr hpropd 8 +server running on a different machine. +.Pp +If propagating, it connects to all .Ar hosts specified on the command by opening a TCP connection to port 754 (service hprop) and sends the database in encrypted form. .Pp -Options supported: +Supported options: .Bl -tag -width Ds -.It Fl d Ar file -.It Fl -database= Ns Ar file +.It Xo +.Fl m Ar file Ns , +.Fl -master-key= Ns Pa file +.Xc +Where to find the master key to encrypt or decrypt keys with. +.It Xo +.Fl d Ar file Ns , +.Fl -database= Ns Pa file +.Xc The database to be propagated. -.It Fl D -.It Fl -decrypt -The encryption keys in the database can either be in clear, or -encrypted with a master key. 
This option thansmits the database with -unencrypted keys. -.It Fl E -.It Fl -encrypt -This option thansmits the database with encrypted keys. -.It Fl k -.It Fl -keytab= Ns Ar file +.It Xo +.Fl -source= Ns Ar heimdal|krb4-db|krb4-dump +.Xc +Specifies the type of the source database. Alternaves include: +.Bl -tag -width krb4-dump +.It heimdal +a Heimdal database +.\" .It mit-dump +.\" a MIT Kerberos 5 dump file +.It krb4-db +a Kerberos 4 database +.It krb4-dump +a Kerberos 4 dump file +.It kaserver +a Transarc kaserver database +.El +.It Xo +.Fl k Ar keytab Ns , +.Fl -keytab= Ns Ar keytab +.Xc The keytab to use for fetching the key to be used for authenticating to the propagation daemon(s). The key .Pa kadmin/hprop is used from this keytab. -.It Fl m Ar file -.It Fl -master-key= Ns Ar file -Where to find the master key to encrypt or decrypt keys with. -.It Fl n -.It Fl -stdout +.It Xo +.Fl R Ar string Ns , +.Fl -v5-realm= Ns Ar string +.Xc +Local realm override. +.It Xo +.Fl D Ns , +.Fl -decrypt +.Xc +The encryption keys in the database can either be in clear, or +encrypted with a master key. This option thansmits the database with +unencrypted keys. +.It Xo +.Fl E Ns , +.Fl -encrypt +.Xc +This option thansmits the database with encrypted keys. +.It Xo +.Fl n Ns , +.Fl -stdout +.Xc Dump the database on stdout, in a format that can be fed to hpropd. -.It Fl 4 -.It Fl -v4-db -Use a version 4 database. This option is only available if the code is -compiled with Kerberos 4 support. .El + +The following options are only valid if +.Nm hprop +is compiled with support for Kerberos 4 (and kaserver). +.Bl -tag -width Ds +.It Xo +.Fl 4 Ns , +.Fl -v4-db +.Xc +Deprecated, identical to +.Sq --source=krb4-db . +.It Xo +.Fl K Ns , +.Fl -ka-db +.Xc +Deprecated, identical to +.Sq --source=kaserver . 
+.It Xo +.Fl r Ar string Ns , +.Fl -v4-realm= Ns Ar string +.Xc +v4 realm to use +.It Xo +.Fl c Ar cell Ns , +.Fl -cell= Ns Ar cell +.Xc +The AFS cell name, used if reading a kaserver database. +.It Xo +.Fl S Ns , +.Fl -kaspecials +.Xc +Also dump the principals marked as special in the kaserver database. +.El + +.Sh EXAMPLES +The following will propagate a database to another machine (which +should run hprop): +.Bd -literal -offset indent +$ hprop slave-1 slave-2 +.Ed + +Copy a Kerberos 4 database to a Kerberos 5 slave: +.Bd -literal -offset indent +$ hprop -4 -E krb5-slave +.Ed + +Convert a Kerberos 4 database for use with a Heimdal KDC: +.Bd -literal -offset indent +$ hprop -n -4 -E | hpropd -n +.Ed .Sh SEE ALSO .Xr hpropd 8
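Review bot: In the second hunk, `--source=` is given as `heimdal|krb4-db|krb4-dump` in both the SYNOPSIS and its `.It Xo` entry, but the alternatives list under it adds `kaserver`, and `-K` is described as identical to `--source=kaserver`; add `kaserver` to both places so the documented values agree. The SYNOPSIS also lists `-p`/`--port`, `-v`/`--verbose`, `--version` and `-h`/`--help` with no matching entries in the option list. `--port` in particular needs one, since DESCRIPTION names only port 754 (service hprop). In EXAMPLES, "which should run hprop" should read `hpropd`, and the two Kerberos 4 examples use `-4`, which this same hunk marks as deprecated in favour of `--source=krb4-db`. Smaller points: "thansmits" is carried over into both the `-D` and `-E` entries, "Alternaves" is a new typo, "v4 realm to use" lacks a full stop, and the blank `+` lines before "The following options" and `.Sh EXAMPLES` should be `.Pp` or dropped, since mdoc does not expect blank lines outside literal displays.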