--- /dev/null
+FAQ
+=====
+
+Q: I want to review the document. What do I need to do?
+A: git clone the document, make changes, send us a diff
+Do *not* forget to add your name to reviewers.tex
+
+
+Q: who is invited to review the document?
+A: essentially everyone. The core group of editors consists of crypologists,
+computer scientists and sysadmins
+
+Q: Where is the repository?
+A: https://rhodecode.plunge.at/ach/ach-master
+
+
+Q: Where is the mailing list?
+A: http://lists.cert.at/cgi-bin/mailman/listinfo/ach
+
+Q: can anyone subscribe to the list?
+A: yes
+
+
+Q: I found a bug / some of your recommendations does not work for me
+A: please get in contact with us on the mailing list
-HOW TO USE THIS
+HOW TO USE THIS
===============
-$ git clone https://<myuser>@rhodecode.plunge.at/ach/ach-master
+Anonymous (read-only) git cloning::
+
+ $ git clone https://rhodecode.plunge.at/ach/ach-master
-where <myuser> is your username on the server. Ask for write permissions if you need them.
-Anonymous (read-only) git cloning:
+As a registered user::
+ $ git clone https://<myuser>@rhodecode.plunge.at/ach/ach-master
+
+where <myuser> is your username on the server. Ask for write permissions if you need them.
-$ git clone https://rhodecode.plunge.at/ach/ach-master
-Committing:
+Committing::
-$ git commit -a
-$ git push origin master
+ $ git commit -a
+ $ git push origin master
If you reviewed the document and/or made some changes, please please add your name to the reviewers.tex file (the list of names is sorted alphabetically by last name).
+Please also read the FAQ!!
\input{abstract}
\input{disclaimer}
\input{motivation}
+\input{methods}
\input{overview_common_crypto_systems}
\input{keylengths}
\input{RNGs}
--- /dev/null
+\section{How this document was produced}
+
+For many years, NIST was considered a reasonable choice for recommendations in
+the field of cryptography. However, the NSA leaks of 2013 showed that even
+certain NIST recommendations were
+\cite{NSAEffortstoEvadeEncryptionTechnologyDamagedU.S.CryptographyStandard}{subverted
+by the NSA}. Therefore a new approach has been chosen for producing these
+recommendations.
+
+We chose to collect the most well known facts about crypto-settings and let as
+many trusted specialists as possible review these settings. The review process
+is done on a public mailing list. The document is offered (read-only) to a
+publicly available git server. However, write permissions to the document are
+only granted to trusted people, preferably outside of the U.S. Every write
+operation to the document is logged via the "git" version control system. We
+do not trust an unknown git server. The git server is hardened itself.
+
+