diff --git a/README.md b/README.md new file mode 100644 index 0000000..d7f52e1 --- /dev/null +++ b/README.md 
@@ -0,0 +1,42 @@ +# XenID - A Dutch eIDAS client for Linux +## Usage +Install XenID, along with the resource files. This is best done with NixOS, +right now. If using other systems, check `package.nix` to see where the +resources go. That's it. + +Any use of the DigiD ID-card check will now pop up XenID, allowing for quick +and easy login with any (DigiD-activated) ID card. + +## Security +This program does not persist your ID card's PIN, and requires user interaction +before allowing a DigiD authentication to continue. + +It does not and could not know anything about your login, other than the name: +When authenticating, a special session is created by the DigiD server, and +provided through the URL used to open XenID. This session can only be used to +interact with the ID card login process, and provides no long-term keys. + +The communication between the card and DigiD is encrypted with a key only the +card and the DigiD authentication server know, and the DigiD server never gets +to see your PIN code. + +## History +The Dutch governent has a login system for citizens and residents, but all +supported login methods are cumbersome, especially for users of fully open +systems. Either way, you end up having to lug around a phone, alongside +your laptop or desktop. + +Thankfully, in 2022 someone WOO'd (Wet Open Overheid, Law on Open Goverment) +the governent, which provided us with the majority of the source code of both +the server and client side of this system. + +Simultaneously, in the 2021 refresh, the ID cards were supplied with an eIDAS +login function. Not much was known about this, and the only way to use this +functionality was to use a digid-activated smartphone, which intensely limits +its use. A desktop application was teased, and possibly released, but lost to +time. However, the option still showed up to anyone logging in through DigiD, +teasing them. 
+ +A while back, Puck spent some time digging through the WOO source, and wrote +XenID, a Linux-native client, using the same entry point as the original eID +client. Which you are looking at right now.
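Review bot: In the Security section, the sentence "It does not and could not know anything about your login, other than the name" leaves the trust boundary unclear: it does not say which name is meant (the user's name, or the name of the service being logged into), and "requires user interaction" does not say what the user is asked to confirm. Since the README states that the session arrives "through the URL used to open XenID", consider documenting what the confirmation prompt shows about that session and how the PIN is handled between entry and the card, so readers can judge the "does not persist" claim. The Usage section would also benefit from naming the resource files and how the URL is routed to XenID, rather than pointing only at `package.nix`. Smaller points in History: "governent" appears twice and "Goverment" once (should be "government" / "Government"), "digid-activated" should match the "DigiD-activated" casing used in Usage, and the closing "Which you are looking at right now." is a sentence fragment that reads better joined to the preceding sentence.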