author Joey Hess <joeyh@joeyh.name> 2018-03-10 12:20:53 -0400
committer Joey Hess <joeyh@joeyh.name> 2018-03-10 12:20:53 -0400
commit 81da10b66d2163b2e2cfed9754f825f2758b081c
tree 4ddf4c0fcf161434a389c6bd2b6f46cd37b6faf9
parent 70ac4cb64cc610eff6ed70b5ab81122fb4071615
Revert "removed"
-rw-r--r-- doc/index.mdwn 93
1 files changed, 93 insertions, 0 deletions
diff --git a/doc/index.mdwn b/doc/index.mdwn
new file mode 100644
index 0000000..5c0c670
--- /dev/null
+++ b/doc/index.mdwn
@@ -0,0 +1,93 @@
+Keysafe securely backs up a gpg secret key or other short secret to the cloud.
+
+This is not intended for storing Debian Developer keys that yield root on
+ten million systems. It's about making it possible for users to use gpg who
+currently don't, and who would find it too hard to use `paperkey` to back
+up and restore their key as they reinstall their laptop.
+
+Not yet ready for production use! Needs security review!
+May run over your dog! Not suitable for bitcoin keys!
+
+## Screenshots
+
+See [[screenshots]]. (Keysafe can also run in text mode in a terminal.)
+
+## How it works, basically
+
+The secret key is encrypted using a password, and is split into three
+shards, and each is uploaded to a server run by a different entity. Any two
+of the shards are sufficient to recover the original key. So any one server
+can go down and you can still recover the key.
+
+Keysafe checks your password strength (using the excellent but not perfect
+[zxcvbn library](https://github.com/tsyrogit/zxcvbn-c)),
+and shows an estimate of the cost to crack your password,
+before backing up the key.
+
+[[screenshots/4.png]]
+(Above is for the password "makesad spindle stick")
+
+Keysafe is designed so that it should take millions of dollars of computer
+time to crack any fairly good password. (This is accomplished using
+[Argon2](https://en.wikipedia.org/wiki/Argon2).)
+With a truely good password, such as four random words, the cracking cost
+should be many trillions of dollars.
+
+The password is the most important line of defense, but keysafe's design
+also makes it hard for an attacker to even find your encrypted secret key.
+
+For a more in-depth explanation, and some analysis of different attack
+vectors (and how keysafe thwarts them), see [[details]].
+Also, there's a [[FAQ]].
+
+Here's a video explaining keysafe:
+
+<html>
+<video controls width=400 src="http://mirror.linux.org.au/pub/linux.conf.au/2017/securely_backing_up_gpg_private_keys_to_the_cloud.webm"></video>
+</html>
+
+## News
+
+[[!inline pages="news/* and !*/Discussion" show="3"]]
+
+## Installation
+
+Keysafe is now available in [Debian experimental](https://wiki.debian.org/DebianExperimental).
+Install it from there, or from source.
+
+## Git repository
+
+`git clone git://keysafe.branchable.com/ keysafe` or
+`git clone https://git.joeyh.name/git/keysafe.git/`
+
+All tags and commits in this repository are gpg signed, and you should
+verify the signature before using it.
+
+## Building from source
+
+You should first install Haskell's stack tool, the readline and argon2
+libraries, and zenity. For example, on a Debian system:
+
+ sudo apt-get install haskell-stack libreadline-dev libargon2-0-dev zenity
+
+Then to build and install keysafe, cd into its source tree and run:
+
+ stack install
+
+Note that there is a manpage, but stack doesn't install it yet.
+
+## Reporting bugs
+
+Post to [[todo]] or email <id@joeyh.name>
+
+## Servers
+
+See [[servers]] for information on the keysafe servers.
+
+## License
+
+Keysafe is licensed under the terms of the AGPL 3+
+
+## Thanks
+
+Thanks to Anthony Towns for his help with keysafe's design.
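Review bot: In the "Git repository" section, the first clone command uses `git://keysafe.branchable.com/`, a transport with no encryption or server authentication, and the sentence after it tells readers to verify the gpg signature without giving the signing key's fingerprint or a command to run. On a git:// clone the signature is the only integrity check, so I would list the https URL first and add the key fingerprint together with a `git verify-tag` or `git verify-commit` invocation. Smaller points: the video `src` under "How it works, basically" is plain `http://`, and "truely" in the Argon2 paragraph should be "truly".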