From 8b50e3634a1a278119005ef0986b4a6d23065fc2 Mon Sep 17 00:00:00 2001
From: Niall Sheridan <nsheridan@gmail.com>
Date: Sat, 30 Apr 2016 19:04:11 +0100
Subject: [PATCH] Update readme

---
 README.md | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index b6ee66d3..ff4a4805 100644
--- a/README.md
+++ b/README.md
@@ -40,8 +40,8 @@ Cashier comes in two parts, a [client](client) and a [server](server).
 The client is configured using command-line flags.
 The server is configured using a JSON configuration file - [example](exampleconfig.json).
 
-For the server you _need_ the following:
-- A new ssh private key. Generate one in the usual way using `ssh-keygen -f ssh_ca` - this is your CA signing key. At this time Cashier supports RSA and ECDSA keys. *Important* This key should be kept safe - _ANY_ ssh key signed with this key will be able to access your machines.
+For the server you need the following:
+- A new ssh private key. Generate one in the usual way using `ssh-keygen -f ssh_ca` - this is your CA signing key. At this time Cashier supports RSA and ECDSA keys. *Important* This key should be kept safe - *ANY* ssh key signed with this key will be able to access your machines.
 - Google OAuth credentials which you can generate at the [Google Developers Console](https://console.developers.google.com). You also need to set the callback URL here.
 
 
@@ -98,5 +98,8 @@ The ssh server needs to trust the public part of the CA signing key. Add somethi
 TrustedUserCAKeys /etc/ssh/ca.pub
 ```
 
-Note: Cashier does not implement signing host keys at this time.
+## Future Work
 
+- Host certificates - only user certificates are supported at present.
+- Record issued certs.
+- Cert revocation - depends on recording issued certs.
-- 
GitLab