- * New protocol
- * Use public/private key cryptography (fixes security hole)
- * Spanish translation of the program and the manual
- * Use OpenSSL crypto library for all cryptography
- * Support for multiple subnets per tinc daemon
- * Support for universal tun/tap device
- * No longer depends on GMP
+
+* The protocol has been redesigned, and although some details are
+ still under discussion, this is secure. Care has been taken to
+ resist most, if not all, attacks.
+
+* Unfortunately this protocol is not compatible with earlier versions,
+ nor are earlier versions compatible with this version. Because the
+ older protocol has huge security flaws, we feel that not
+ implementing backwards compatibility is justified.
+
+* Some data about the protocol:
+
+ * It uses public/private RSA keys for authentication (this is the
+ actual fix for the security hole).
+
+ * All cryptographic functions have been taken out of tinc, instead
+ it uses the OpenSSL library functions.
+
+ * Offers support for multiple subnets per tinc daemon.
+
+* New is also the support for the universal tun/tap device. This
+ means better portability to FreeBSD and Solaris.
+
+* tinc is tested to compile on Solaris, Linux x86, Linux alpha.
+
+* tinc now uses the OpenSSL library for cryptographic operations.
+ More information on getting and installing OpenSSL is in the manual.
+ This also means that the GMP library is no longer required.
+
+* Further, thanks to Enrique Zanardi, we have Spanish messages; Matias
+ Carrasco provided us with a Spanish translation of the manual.
+
+
+What still needs to be done before 1.0:
+
+* Documentation. Especially since the protocol has changed, and a lot
+ of configuration directives have been added.
+
+
+