*** empty log message ***

7 files changed, 38 insertions, 21 deletions

diff --git a/doc/tex/ciphersuites.tex b/doc/tex/ciphersuites.tex
index 65dda77442..9c6805fc90 100644
--- a/doc/tex/ciphersuites.tex
+++ b/doc/tex/ciphersuites.tex
@@ -16,7 +16,14 @@ MAC\_SHA is used in the above example.
 The cipher suite negotiated in the handshake protocol will affect
 the Record Protocol, by enabling encryption and data authentication.
 Note that you should not over rely on \tls{} to negotiate the strongest 
-available cipher suite. Do not enable
-ciphers and algorithms that you consider weak.
+available cipher suite. Do not enable ciphers and algorithms that you consider weak.
+\par
+The priority functions, dicussed above, allow the application layer to enable
+and set priorities on the individual ciphers. It may imply that all combinations of ciphersuites
+are allowed, but this is not true. For several reasons, not discussed here, some combinations 
+were not defined in the \tls{} protocol.
+\gnutls{} may even decide to remove some of the valid ones. This behaviour depends on the
+key parameters. For example keys marked as sign-only, will not be able to
+access the plain RSA ciphersuites, but only the DHE\_RSA ones.
 
 \addvspace{1.5cm}
diff --git a/doc/tex/gnutls.bib b/doc/tex/gnutls.bib
index 743cdd82ff..5edb93071c 100644
--- a/doc/tex/gnutls.bib
+++ b/doc/tex/gnutls.bib
@@ -76,3 +76,11 @@
   note =         "Available from http://www.cs.auckland.ac.nz/\~\ pgut001/pubs/pkitutorial.pdf",
   url =          "http://www.cs.auckland.ac.nz/~pgut001/pubs/pkitutorial.pdf"
 }
+
+@Misc{GPGH,
+  author =       "Mike Ashley",
+  title =        "The GNU Privacy Handbook",
+  year =          {2002},
+  note =         "Available from http://www.gnupg.org/gph/en/manual.pdf",
+  url =          "http://www.gnupg.org/gph/en/manual.pdf"
+}
diff --git a/doc/tex/gnutls.tex b/doc/tex/gnutls.tex
index d3e018da0c..bf067dff39 100644
--- a/doc/tex/gnutls.tex
+++ b/doc/tex/gnutls.tex
@@ -13,19 +13,21 @@
 
 \begin{document}
 
-\pagenumbering{roman}
+\frontmatter
 
 \input{cover}
 
 \tableofcontents
-\newpage
-\pagenumbering{arabic}
+
 \pagestyle{fancy}
 \fancyhead[RE]{\slshape \rightmark}
 \fancyhead[LO]{\slshape \leftmark}
 \fancyhead[RO,LE]{\empty}
 \fancyfoot[C]{\thepage}
 
+\mainmatter
+\input{preface}
+
 \input{library}
 
 \input{tlsintro}
@@ -48,6 +50,8 @@
 
 \input{fdl}
 
+\backmatter
+
 \printindex
 
 \bibliography{gnutls}
diff --git a/doc/tex/handshake.tex b/doc/tex/handshake.tex
index 3b1a8305cc..c63da999df 100644
--- a/doc/tex/handshake.tex
+++ b/doc/tex/handshake.tex
@@ -5,7 +5,7 @@ The Handshake protocol is fully controlled by application layer (your
 program). Within this protocol the parameters for cipher suites, supported
 authentication methods etc. are negotiated. Thus the application layer
 has to set up the required parameters for the connection.
-See the following functions:
+
 \begin{itemize}
 \item \printfunc{gnutls_cipher_set_priority}{gnutls\_cipher\_set\_priority}:
 to set the priority of bulk cipher algorithms.
@@ -22,7 +22,6 @@ to set the priority of protocol versions (ie. \sslIII{}, \tlsI).
 \item \printfunc{gnutls_set_default_priority}{gnutls\_set\_default\_priority}:
 to set some defaults in the current session. That way you don't have to call each
 priority function, independently, but you have to live with the defaults.
-
 \item \printfunc{gnutls_credentials_set}{gnutls\_credentials\_set}: to set the
 appropriate credentials structures.
 \item \printfunc{gnutls_certificate_server_set_request}
diff --git a/doc/tex/library.tex b/doc/tex/library.tex
index 34bec0352f..6c42176d16 100644
--- a/doc/tex/library.tex
+++ b/doc/tex/library.tex
@@ -1,16 +1,3 @@
-\chapter{Preface}
-
-\section{Introduction}
-This document tries to demonstrate the \gnutls{} library API, the
-protocols and the technology involved. I believe that a basic
-understanding of the underlying protocols is important, before
-using \tls{}. This is because security and cryptographic
-protocols are involved, which require the application programmer
-to make correct use of these protocols, or no security is
-offered. Although this document tries to be self contained basic 
-network programming and PKI knowlegde is assumed in most of this document. 
-I suggest \cite{GUTPKI} for an introduction to PKI.
-
 \chapter{The Library}
 
 \section{Description}
diff --git a/doc/tex/openpgp.tex b/doc/tex/openpgp.tex
index ea039a05d6..8681cb2608 100644
--- a/doc/tex/openpgp.tex
+++ b/doc/tex/openpgp.tex
@@ -7,4 +7,5 @@ available in OpenPGP authentication. The \gnutls{}'s implementation is based on
 \cite{TLSPGP} proposal.
 
 See \ref{pgp:trust} on page \pageref{pgp:trust} for more information 
-about the OpenPGP trust model.
+about the OpenPGP trust model. For a more detailed introduction to OpenPGP
+and GnuPG see \cite{GPGH}.
diff --git a/doc/tex/preface.tex b/doc/tex/preface.tex
new file mode 100644
index 0000000000..fd8d40c259
--- /dev/null
+++ b/doc/tex/preface.tex
@@ -0,0 +1,11 @@
+\chapter{Preface}
+
+This document tries to demonstrate the \gnutls{} library API, the
+protocols and the technology involved. I believe that a basic
+understanding of the underlying protocols is important, before
+using \tls{}. This is because security and cryptographic
+protocols are involved, which require the application programmer
+to make correct use of these protocols, or no security is
+offered. Although this document tries to be self contained, basic 
+network programming and PKI knowlegde is assumed in most of this document. 
+I suggest \cite{GUTPKI} for an introduction to Public Key Infrastructure.