From 739348125542fda01a8dbafc816dfa240786e6e6 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Fri, 18 Dec 2015 12:59:55 +0100
Subject: Add a long description.

---
 debian/control | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'debian')

diff --git a/debian/control b/debian/control
index 2dcd758..856f30d 100644
--- a/debian/control
+++ b/debian/control
@@ -15,3 +15,13 @@ Depends: ${misc:Depends}, ${perl:Depends},
  openssl, netcat-openbsd | netcat-traditional
 Recommends: liblwp-protocol-https-perl, socat
 Description: Tiny ACME client for Let's Encrypt
+ This tiny ACME client written is with process isolation and minimal privileges
+ in mind.  It is divided into three components:
+ 1. the "master" process, which runs as root and is the only component
+    with access to the private key material (both account and server keys);
+ 2. the actual ACME client, which runs as a separated user ID, builds ACME
+    requests and dialogues with the remote ACME server (data to be signed is
+    written to a pipe shared with the master process, which replies with its
+    SHA-256 signature); and
+ 3. an optional webserver, which runs as www-data:www-data and listen on port
+    80 to server ACME challenges.
-- 
cgit v1.2.3