From b8859274b0e841b58f258d60f8d72311c1668452 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat, 19 Jun 2010 00:06:59 +0200
Subject: Documented stuff about the newapi.

---
 README | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/README b/README
index 0cc8fb6..d32b28a 100644
--- a/README
+++ b/README
@@ -1,7 +1,18 @@
-This is a /dev/crypto device driver, equivalent to those in OpenBSD or
-FreeBSD. The main idea is to access of existing ciphers in kernel space 
-from userspace, thus enabling re-use of a hardware implementation of a
-cipher.
+This is the linux-cryptodev [newapi] branch. Here a new API is being
+designed. The ioctl() API is in ncr.h and the userspace in ncrypto.h.
+
+For the new API to fully operate, root must load a system key (constant
+per system) using the setkey program. After this stage the new API should
+be fully operational. 
+
+The main concept of the new API is disallow userspace applications
+access to cryptographic keys. Operations should be possible (such
+as encryption/decryption/signing/verifying), but raw access to the
+keys will not be possible.
+
+
+
+The old OpenBSD API via /dev/crypto device driver is still supported.
 
 It was initially written for linux 2.6.8 by Michal Ludvig. Compatibility
 fixes for *BSD cryptodev as well as porting to 2.6.27 blkcipher API 
-- 
cgit