X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=website%2Findex.mdwn;h=606456955f29f32ba443d4169bdca79a75e63bb7;hb=d78a6e30ed3bc408e6a43077b4024597dfb810bd;hp=853c75b88635417c07fb33a3dc7d3a25f3f291bc;hpb=2c64cd42335d7c0eeb904d9b9bdb09d7fa8456c5;p=monkeysphere.git

diff --git a/website/index.mdwn b/website/index.mdwn
index 853c75b..6064569 100644
--- a/website/index.mdwn
+++ b/website/index.mdwn
@@ -9,7 +9,7 @@ yourself and the servers you administer or connect to.  OpenPGP keys
 are tracked via GnuPG, and managed in the `known_hosts` and
 `authorized_keys` files used by OpenSSH for connection authentication.
 
-[[bugs]] | [[download]] | [[news]] | [[documentation|doc]]
+[why?](/why) | [[news]] | [[download]] | [[documentation|doc]] | [[community]] | [[bugs]]
 
 ## Conceptual overview ##
 
@@ -26,13 +26,14 @@ keys for authenticating to a server (known as
 "`PubkeyAuthentication`"), rather than relying on a password exchange.
 But again, the public part of the key needs to be transmitted to the
 server through a secure out-of-band channel (usually via a separate
-password-based SSH connection) in order for this type of
-authentication to work
+password-based SSH connection or a (hopefully signed) e-mail to the
+system administrator) in order for this type of authentication to
+work.
 
 [OpenSSH](http://openssh.com/) currently provides a functional way to
-managing the RSA and DSA keys required for these interactions through
-the `known_hosts` and `authorized_keys` files.  However, it lacks
-any type of [Public Key Infrastructure
+manage the RSA and DSA keys required for these interactions through
+the `known_hosts` and `authorized_keys` files.  However, it lacks any
+type of [Public Key Infrastructure
 (PKI)](http://en.wikipedia.org/wiki/Public_Key_Infrastructure) that
 can verify that the keys being used really are the one required or
 expected.