X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=README.md;h=1b03c3d3e5eaed94116026d38c2f8df97c57d9c3;hb=116b2fa14bd3601413690ce713282f41d8b78aeb;hp=fdbfc2bba2547be027249a5a2251edfc3e5cb812;hpb=ae9adf2685bacafbb15ad365b9837cd5ef56bb22;p=nre.git diff --git a/README.md b/README.md index fdbfc2b..1b03c3d 100644 --- a/README.md +++ b/README.md 
@@ -1,35 +1,44 @@ -# cacert-nre +# NRE -This is the a project that contains scripts to generate CAcerts new ( after 2015 ) root structure. +This project is a collection of shell scripts to generate X.509 certificates suitable for operating a Certificate Authority. +It is usually used in conjunction with *Cassiopeia* and *Gigi*. -You can run the whole generation process for 2015 by invoking `./all root 2015`. +To generate a root certificate and all intermediate certificates for the years 2017 and 2018, run `./all root 2017 2018`. +To adjust the settings of the certificates (organization name, domain name, …), +create a `config` file and set the appropriate variables; +the `config.example` file documents the available variables. ## Overview of Generating Shell Scripts -The shellscripts that can be invoked (in order of `all`) are: +The shell scripts that can be invoked (in order of `all`) are: -* `clear` remove all previously generated keys -* `generateKeys` generate the root certificate and structure certificates (levels 0 and 1) -* `generateTime 2015` generate the sub-cas for the year 2015 -* `generateInfra 2015` generate the CAcert Infrastructure keys (gigi ssl, gigi smime, signer communication, ...) 
-* `verify 2015` verify all keys for the year 2015 -* (optional) `generateSignerConfig 2015` generate config to be deployed on cassiopeia +* `clear`: remove all previously generated keys +* `generateKeys`: generate the root certificate and structure certificates (levels 0 and 1) +* `generateTime 2017`: generate the sub-cas for one year +* `generateInfra 2017`: generate the CA Infrastructure keys (Gigi TLS, Gigi S/MIME, communication with the signer, …) for one year +* `verify 2017`: verify all keys for one year +* (optional) `generateSignerConfig 2017`: generate config to be deployed on cassiopeia -all these scripts depend on 2 'library-scripts': +All of these scripts depend on 2 “library scripts”: -* `commonFunctions.bash` functions used all over those scripts -* `structure.bash` definitions of what cas and keys exist +* `commonFunctions.bash`: functions used all over those scripts +* `structure.bash`: definitions of which CAs and keys exist ## Other Files and Folders -* `CAs` configuration per structure sub-ca -* `profiles` configuration per certificate profile -* `selfsign.config` config for the CAs maintained by this script-collection internally +* `CAs`: configuration per structure sub-ca +* `profiles`: configuration per certificate profile +* `selfsign.config`: config for the CAs maintained by this script-collection internally ## Generated Files and Folders -* `2015/ca` generated time-based subcas for 2015 -* `2015/keys` generated infrastructure keys for 2015 -* `{root,assured,unassured,...}.ca` root CAs -* `*.ca/key.key` the CAs private key -* `*.ca/key.crt` the CAs certificate +The following files and directories are generated in the `generated/` directory. 
+ +* `2017/ca`: generated time-based sub-certificates for one year +* `2017/keys`: generated infrastructure keys for one year +* `{root,assured,unassured,...}.ca/`: subdirectories for the individual certificates +* `*.ca/key.key`: the certificate’s private key +* `*.ca/key.crt`: the certificate’s certificate + +They are also bundled into several `*.tar.gz` files in the `generated/` directory, +which are used by the `manager/` scripts in the *infra* project.
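Review bot: In the "Generated Files and Folders" list, the entry "`*.ca/key.crt`: the certificate's certificate" is circular, and "`*.ca/key.key`: the certificate's private key" drops the meaning of the removed lines, which named the CA as the owner. I suggest "the CA's certificate" and "the CA's private key". The closing sentence "They are also bundled into several `*.tar.gz` files" follows a list that includes `*.ca/key.key`, so it reads as if private keys are part of those bundles. Since the archives are consumed by the `manager/` scripts in another project, the README should say which archives carry private key material and which carry only certificates. Minor consistency points in the script list: the `generateSignerConfig` item still writes "cassiopeia" while the new intro uses *Cassiopeia*, and `generateTime` keeps "sub-cas" while the `structure.bash` item was changed to "CAs".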