From d2af630ca6992c497e01d3ae2f818a833f52f446 Mon Sep 17 00:00:00 2001
From: Alex Bilbie <hello@alexbilbie.com>
Date: Wed, 23 Mar 2016 12:45:37 +0000
Subject: [PATCH] Added requirements.md

---
 requirements.md | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100755 requirements.md

diff --git a/requirements.md b/requirements.md
new file mode 100755
index 00000000..2b4ff813
--- /dev/null
+++ b/requirements.md
@@ -0,0 +1,11 @@
+---
+layout: default
+title: Requirements
+permalink: /requirements/
+---
+
+# Requirements
+
+In order to prevent man-in-the-middle attacks, the authorization server MUST require the use of TLS with server authentication as defined by [RFC2818](https://tools.ietf.org/html/rfc2818) for any request sent to the authorization and token endpoints.  The client MUST validate the authorization server's TLS certificate as defined by [RFC6125](https://tools.ietf.org/html/rfc6125) and in accordance with its requirements for server identity authentication.
+
+This library uses key cryptography in order to encrypt and decrypt, as well as verify the integrity of signatures. See the [installation](/installation) page for details on how to generate the keys.
\ No newline at end of file