Redesign: documentation section

config.toml

@@ -39,7 +39,7 @@ enableRobotsTXT = true
     name = "Quick Start"
 	#pre = "<i class='fas fa-arrow-alt-circle-down '></i>"
     weight = 15
-    url = "/docs/start"
+    url = "/docs/rosenpass-tool/start"
 [[menu.main]]
     name = "What is Rosenpass?"
     weight = 16

content/en/_index.html

@@ -11,7 +11,7 @@
 {{< blocks/cover title="Rosenpass" image_anchor="top" height="auto" color="white" >}}
 <p class="subtitle">Build post-quantum-secure VPNs with WireGuard!</p>
 <div class="rp-buttonrow mx-auto">
-<a class="btn btn-lg btn-secondary mr-3 mb-4" href="/docs/start">
+<a class="btn btn-lg btn-secondary mr-3 mb-4" href="/docs/rosenpass-tool/start">
 Quick Start <!-- <i class='fas fa-arrow-alt-circle-down '></i>-->
 </a>
 <a class="btn btn-lg btn-primary mr-3 mb-4" href="{{< relref "#what-is-rosenpass" >}}">

content/en/docs/_index.html

@@ -5,64 +5,24 @@
 menu:
   main:
     weight: 30
-no_list: true
+landing_page: true
 ---
 
 {{< blocks/lead color="primary" class="mb-5" >}}
-<h1 class="h2">Documentation</h1>
+  <h1 class="h2">Documentation</h1>
 {{< /blocks/lead >}}
-
-<p class="indent">
-  Welcome to the documentation page for Rosenpass. This guide contains the manual pages, slides from various presentations,
-as well as links to both our scientific whitepaper and the github repository for the Rosenpass source code.
+{{< blocks/section color="white" class="pb-0 pt-2" >}}
+<p>
+  Welcome to the documentation page for Rosenpass! This guide contains everything you need to get started with Rosenpass as a software developer, a scientist, a potential collaborator, or as anyone looking to upgrade their security to be post-quantum secure. </p>
+  <p>The content found here can be broadly split into two categories: <strong>software</strong> and <strong>science</strong>. You will find links to installation and compilation guides, versioning information, and command-line manuals, as well as to our whitepaper describing the Rosenpass protocol, presentations looking to communicate the scientific
+  underpinnings of our project, and the results of a penetration test performed on our software.
 </p>
 
-<h2>What is Rosenpass?</h2>
-  <p class="indent">
-    Rosenpass is a daemon, that, given a private key and a list of peers, performs a key exchange with each peer. 
-    The resulting shared secrets are given to WireGuard using its PSK feature – WireGuard remains as secure as it was, Rosenpass adds 
-	protection against quantum computers. Rosenpass can also write the shared secrets to files; this can be used to integrate Rosenpass 
-    with tools other than WireGuard.
-  </p>
-
-<h2>Who is Rosenpass for?</h2>
-  <p class="indent">
-	Rosenpass is for everyone who wants secure encryption, particularly in a world where "store now, decrypt later" attacks are considered to be a present threat. If your data is being encrypted with methods that are not post-quantum secure, that data may 
-    already be vulnerable to harvest attacks relying on future access to quantum computing. The goal of Rosenpass is to protect
-    everyone from that future, much as classical encryption methods protect everyone in a pre-quantum world. That said, there is
-     a skill-floor to using the currently available implementations of Rosenpass. Typically, developers with some experience of 
-     manually configured VPNs will have the easiest time setting up the Rosenpass daemon, particularly those using specific versions
-      of Linux. Support for further systems is actively being researched, but is not currently imminent.
-  </p>
-<h2>Quick Start</h2>
-  <p class="indent">
-    If you simply want to get Rosenpass up and running quickly, you are best served using the <a href="/docs/start">Quick Start Guide</a>.
-    It contains everything you need to download, configure, and start a WireGuard connection using the Rosenpass key exchange. 
-  </p>
-<h2>Which systems are supported by Rosenpass?</h2>
-  <p class="indent">
-    Rosenpass currently provides packages and static binaries for several Linux distributions, as shown here: 
-  </p>
-  <img src="https://repology.org/badge/vertical-allrepos/rosenpass.svg" class="indent">
-
-
-
-<h2>What planned features are on the way?</h2>
-  <ul>
-    <li><b>Cunicu integration:</b> <a href="https://cunicu.li">Cunicu</a> is a user-space daemon for managing WireGuard connections for small devices. We intend to integrate post-quantum security into that daemon via Rosenpass</li>
-    <li><b>Docker and micro-VM implementations:</b> We are currently working on using micro-VMs to reduce the scope of system privileges Rosenpass needs to run</li>
-    <li><b>Hacspec integration:</b> Hackspec is a rust-based language designed by <a>Cryspen</a> to enable the use of several formal verification tools that enable high-assurance cryptography</li>
-    <li><b>NetBird partnership:</b> We are working with <a>NetBird</a> to produce a commercially-ready VPN service that is post-quantum secure</li>
-    <li><b>Golang implementation of Rosenpass:</b> Our initial implementation of Rosenpass is written in Rust, but we are working on an alternative, compatible Golang-built implementation to increase diversity and reach new platforms. 	
-	It is called <a href="https://github.com/cunicu/go-rosenpass">go-rosenpass</a>. 	</li>
-  </ul>
-
-  <h2>Current Version</h2>
-  <h3>&nbsp;&nbsp;0.2.2</h3>
-  <h4>&nbsp;&nbsp; Release Notes</h4>
-  <ul>
-    <li> Fixes vulnerability to prevent output shared key (OSK) to be set or written again on a responder receiving the same InitConf message during a handshake.</li>  
-    <li> This release has no impact for majority of users using Rosenpass with Wireguard</li>  
-  </ul>
+<h2 class="h5">Quick Start</h2>
+<p>
+  If you simply want to get the Rosenpass tool up and running quickly, you are best served using our <a href="/docs/start">Quick Start Guide</a>.
+  It contains everything you need to download, configure, and start a WireGuard connection using the Rosenpass key exchange. 
+</p>
+{{< /blocks/section >}}
 
-  {{< blocks/rss-button href="https://github.com/rosenpass/rosenpass/releases.atom" color="dark" text="Stay up to date with Rosenpass releases by subscribing to the GitHub Release Atom feed!" >}}
+  <!-- {{< blocks/rss-button href="https://github.com/rosenpass/rosenpass/releases.atom" color="dark" text="Stay up to date with Rosenpass releases by subscribing to the GitHub Release Atom feed!" >}} -->

content/en/docs/rosenpass-project/_index.html

@@ -0,0 +1,20 @@
+---
+title: "The Rosenpass Project"
+linkTitle: "The Rosenpass Project"
+type: docs
+weight: 20
+menu: false
+
+blerb: "Rosenpass is a project to produce free/libre, open source, and open science cryptographic tooling to aid the migration of the internet's
+ infrastructure towards post-quantum secure cryptography, e.g encryption and authentication. Currently, the project consists of the Rosenpass 
+ protocol, itsimplementation in the Rosenpass tool, and a cryptographic analysis of its security using [ProVerif](https://bblanche.gitlabpages.inria.fr/proverif/). We focus our work towards better 
+ integration of academic cryptography, the development of software, and its deployment in industry and infrastructure."
+---
+
+{{< blocks/lead color="primary" >}}
+<h1 class="h2">The Rosenpass Project</h1>
+{{< /blocks/lead >}}
+
+{{< blocks/section color="light" class="pt-5 pb-0">}}
+aasdfasdf
+{{< /blocks/section >}}

content/en/docs/rosenpass-project/pentest.md

@@ -0,0 +1,12 @@
+---
+title: "Penetration Test 2024"
+linkTitle: "Penetration Test Report"
+weight: 6
+menu: false
+type: docs
+icon: fa-sharp fa-solid fa-file-pdf
+pdf_filename: "../../report_ngir-rosenpass.pdf"
+blerb: "Radically Open Security's January 2024 report on their penetration test of the Rosenpass tool late in 2023. This document outlines several attacks, tests, and reviews of code and practice relating to the Rosenpass tool, and a summary of the findings."
+---
+
+{{< blocks/pdfembed >}}

content/en/docs/rosenpass-project/presentations/_index.html

@@ -0,0 +1,21 @@
+---
+title: "Conference Presentations"
+linkTitle: "Conference Presentations"
+type: docs
+weight: 20
+menu: false
+no_list: false
+presentation_list: true
+blerb: "As part of our work, we give numerous talks and presentations aimed at communicating the science behind the Rosenpass tool, project and protocol, as well as cryptography more generally. This section contains the presentation slides for several of these talks and, where available, video recordings of them. Please be aware that some of these talks are not in English, but are clearly marked as such."
+---
+
+{{< blocks/lead color="primary" >}}
+<h1 class="h2">Conference Presentations</h1>
+{{< /blocks/lead >}}
+
+{{< blocks/section color="light" class="pt-5 pb-0">}}
+<p class="text-center">
+In this section you can find the slides of presentations we held. 
+For some talks, there are also videos recordings available.
+</p>
+{{< /blocks/section >}}

content/en/docs/rosenpass-project/whitepaper.md

@@ -0,0 +1,12 @@
+---
+title: "Whitepaper"
+linkTitle: "Whitepaper"
+weight: 2
+menu: false
+type: docs
+icon: fa-sharp fa-solid fa-file-pdf
+pdf_filename: "../../whitepaper.pdf"
+blerb: "This document is a guide for engineers and researchers implementing the protocol. It is a scientific paper discussing the secruity properties of Rosenpass as a work-in-progress."
+---
+
+{{< blocks/pdfembed >}}

content/en/docs/rosenpass-tool/_index.html

@@ -0,0 +1,62 @@
+---
+title: "The Rosenpass Tool"
+linkTitle: "The Rosenpass Tool"
+type: docs
+weight: 20
+menu: false
+
+blerb: "The Rosenpass tool is a daemon, written in Rust, that implements the Rosenpass protocol to create and exchange hybridised post-quantum and
+ classically secure keys between two peers. Using a hybrid security model allows us to preserve the reliability of battle-proven classical 
+ cryptography whilst still providing the necessary upgrade to secure against decryption of data by quantum computers (i.e., protect against 
+ “store-now decrypt-later attacks”).
+
+
+The Rosenpass tool works best and most natively with [WireGuard](https://www.wireguard.com/), as it was first envisioned specifically to inject post-quantum secured keys 
+into WireGuard using its Pre-Shared Key parameter. However, as the Rosenpass tool can export its shared secrets to a file, it can be implemented 
+in other use cases. We were able to demonstrate its potential for integration with Transport Layer Security (TLS), in [this tutorial](/blog/tlsrosenpass_july) on using 
+[OpenSSL](https://openssl.org/) with Rosenpass."
+---
+
+<!-- {{< blocks/lead color="primary" >}}
+<h1 class="h2">The Rosenpass Tool</h1>
+{{< /blocks/lead >}} -->
+
+{{< blocks/section color="light" class="pt-5 pb-0">}}
+<!-- <p>The Rosenpass tool is a daemon, written in Rust, that implements the Rosenpass protocol to create and exchange hybridised post-quantum and
+  classically secure keys between two peers. Using a hybrid security model allows us to preserve the reliability of battle-proven classical 
+  cryptography whilst still providing the necessary upgrade to secure against decryption of data by quantum computers (i.e., protect against 
+  “store-now decrypt-later attacks”).</p>
+ <p>The Rosenpass tool works best and most natively with [WireGuard](https://www.wireguard.com/), as it was first envisioned specifically to inject post-quantum secured keys 
+ into WireGuard using its Pre-Shared Key parameter. However, as the Rosenpass tool can export its shared secrets to a file, it can be implemented 
+ in other use cases. We were able to demonstrate its potential for integration with Transport Layer Security (TLS), in [this tutorial](/blog/tlsrosenpass_july) on using 
+ [OpenSSL](https://openssl.org/) with Rosenpass.</p> -->
+<h2>Which systems are supported by Rosenpass?</h2>
+  <p class="indent">
+    Rosenpass currently provides packages and static binaries for several Linux distributions, as shown below: 
+  </p>
+
+  <div class="row">
+    <div class="col">
+      <img src="https://repology.org/badge/vertical-allrepos/rosenpass.svg" style="width:auto;">
+    </div>
+    <div class="col">
+      <h2>0.2.2 Release Notes</h2>
+      <ul>
+        <li> Fixes vulnerability to prevent output shared key (OSK) to be set or written again on a responder receiving the same InitConf message during a handshake.</li>  
+        <li> This release has no impact for majority of users using Rosenpass with Wireguard</li>  
+      </ul>
+    </div>
+</div>
+
+
+
+<h2>What planned features are on the way?</h2>
+  <ul>
+    <li><b>Cunicu integration:</b> <a href="https://cunicu.li">Cunicu</a> is a user-space daemon for managing WireGuard connections for small devices. We intend to integrate post-quantum security into that daemon via Rosenpass</li>
+    <li><b>Docker and micro-VM implementations:</b> We are currently working on using micro-VMs to reduce the scope of system privileges Rosenpass needs to run</li>
+    <li><b>Hacspec integration:</b> Hackspec is a rust-based language designed by <a>Cryspen</a> to enable the use of several formal verification tools that enable high-assurance cryptography</li>
+    <li><b>NetBird partnership:</b> We are working with <a>NetBird</a> to produce a commercially-ready VPN service that is post-quantum secure</li>
+    <li><b>Golang implementation of Rosenpass:</b> Our initial implementation of Rosenpass is written in Rust, but we are working on an alternative, compatible Golang-built implementation to increase diversity and reach new platforms. 	
+	It is called <a href="https://github.com/cunicu/go-rosenpass">go-rosenpass</a>. 	</li>
+  </ul>
+{{< /blocks/section >}}