From c173ed3c5cd503cbd28e0daea825defa6054bb19 Mon Sep 17 00:00:00 2001
From: Pierre Hubert <pierre.git@communiquons.org>
Date: Wed, 31 Aug 2022 15:42:58 +0200
Subject: [PATCH] Update README

---
 README.MD | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/README.MD b/README.MD
index 2007351..3f5cd48 100644
--- a/README.MD
+++ b/README.MD
@@ -6,17 +6,24 @@ This project aims to provide an easy-to-setup TCP forwarding solution:
 |        |              | Client |                     | Server |              |        |
 | Client | -- TCP xx -- |        | -- HTTP 80 / 443 -- |        | -- TCP xx -- | Server |
 |        |              |  Relay |                     |  Relay |              |        |
-|--------|              |--------|                     |--------|              |--------|
+|--------|              |--------|                     |--------|              |--------|
 ```
 
 This project can be used especially to bypass firewalls that blocks traffics
-from ports others than the 80 / 443 duo.
+from ports others than the HTTP / HTTPS ports.
 
+## Authentication
+The client can authenticate agains the server relays through two different means:
+
+* Using a token
+* Using a client TLS certificate. In this case, the server relay must act as a HTTPS server, and you must provide the
+  server the required certificates / key files in PEM format. It is also possible to provide the  server a CRL file.
+
+
+## Binaries
 This repository contains two binaries:
 
-* `tpc_relay_server`: The server relay
+* `tpc_relay_server`: The server relay. In case of token authentication, it can be put behind a reverse proxy.
 * `tcp_relay_client`: The client relay
 
-The clients relay authenticates itself to the server using a token.
-
 A single server - client relay pair can relay multiple ports simultaneously from the same machine.