-This chapter is a mixture of ideas, reasoning and explanation, please
-don't take it too serious.
-
-@menu
-* Key Types::
-@end menu
-
-@c ==================================================================
-@node Key Types, , Security, Security
-@subsection Key Types
-@c FIXME: check if I'm not talking nonsense
-
-There are several types of encryption keys. Tinc uses two of them,
-symmetric private keypairs and public/private keypairs.
-
-Public/private keypairs are used in public key cryptography. It enables
-someone to send out a public key with which other people can encrypt their
-data. The encrypted data now can only be decrypted by the person who has
-the private key that matches the public key. So, a public key only allows
-@emph{other} people to send encrypted messages to you. This is very useful
-in setting up private communications channels. Just send out your public key
-and other people can talk to you in a secure way. But how can you know
-the other person is who she says she is? This is done by sending out an
-encrypted challenge that only the person with the right private key can decode
-an respond to.
-
-However, encryption with public/private keys is very slow. Symmetric key cryptography
-is orders of magnitudes faster, but it is very hard to safely exchange the symmetric
-keys, since they should be kept private.
-
-The idea is to use public/private cryptography for authentication, and for
-exchanging symmetric keys in a safe way. After that, all communications are encrypted
-with the symmetric cipher.
+@cindex authentication
+Another important part is the authentication done prior to allowing other
+tinc daemons to connect. This is done by a challenge/response handshake
+involving RSA encryption.
+The details of the authentication can be found in a file called @file{doc/SECURITY2}
+in the source of tinc.