{% extends 'frame/decorated.html' %}

{% block header %}
<h1><a href="/">httpaste</a> - Paste</h1>

        <p>
        All pastes are symetrically encrypted server-side with an HMAC derived key
        and SHA-256 hashing, a server-side salt and a randomly generated password.
        Public paste’s passwords are derived from their ids. Private paste’s passwords
        are randomly generated and stored inside a symetrically encrypted personal database,
        with the encryption key also being derived through the same HMAC mechanism,
        where a HTTP basic authentication act as the master password.
        Paste ids, usernames, and any other identifiable attributes are only stored
        inside the storage backend as keyed and salted BLAKE2 hashes.
        </p>
        <p><strong>Note:</strong>
            The initial creation of a private paste will prompt for login credentials.
            If the login credentials are not known, they will be created automatically.
            If it is required to authenticate with other credentials, clear your local
            HTTP authentication cache.
        </p>
{% endblock %}
{% block content %}
<figure>
    <figcaption><strong>Navigation</strong></figcaption>
    <menu>
        <li>
            <a href="{{create_private_paste_url}}">Create a Private Paste</a>
        </li>
        <li>
            <a href="{{create_public_paste_url}}">Create a Public Paste</a>
        </li>
    </menu>
</figure>

{% endblock %}