From d3002cc8b480d314546f4a82a3832f15f8dcb19a Mon Sep 17 00:00:00 2001
From: adnano
Date: Sat, 26 Sep 2020 13:59:24 -0400
Subject: [PATCH] Update README.md

---
 README.md | 41 ++++++++++++++++++++---------------------
 examples/client/client.go | 1 +
 2 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/README.md b/README.md
index 6b5988f..d3788df 100644
--- a/README.md
+++ b/README.md
@@ -45,32 +45,31 @@ The way this is implemented in this package is like so:
 
 ## TOFU
 
-This package provides an easy way to implement Trust On First Use in your
-clients. Here is a simple client using TOFU to authenticate certificates:
+`go-gemini` makes it easy to implement Trust On First Use in your clients.
+
+Clients can load the default list of known hosts:
 
 ```go
-client := &gemini.Client{
- KnownHosts: gemini.LoadKnownHosts(),
- TrustCertificate: func(cert *x509.Certificate, knownHosts *gemini.KnownHosts) error {
- // If the certificate is in the known hosts list, allow the connection
- if err := knownHosts.Lookup(cert); {
- return true
- }
- // Prompt the user
- if userTrustsCertificateTemporarily() {
- // Temporarily trust the certificate
- return true
- } else if userTrustsCertificatePermanently() {
- // Add the certificate to the known hosts file
- knownHosts.Add(cert)
- return true
- }
- // User does not trust the certificate
- return false
- },
+client := &Client{}
+knownHosts, err := gemini.LoadKnownHosts()
+if err != nil {
+ log.Fatal(err)
+}
+client.KnownHosts = knownHosts
+```
+
+Clients can then specify how to trust certificates in the `TrustCertificate`
+field:
+
+```go
+client.TrustCertificate = func(cert *x509.Certificate, knownHosts *gemini.KnownHosts) error {
+ // If the certificate is in the known hosts list, allow the connection
+ return knownHosts.Lookup(cert)
 }
 ```
 
+Advanced clients can prompt the user for what to do when encountering an unknown certificate:
+
 ```go
 client := &gemini.Client{
 TrustCertificate: func(cert *x509.Certificate, knownHosts *gemini.KnownHosts) error {
diff --git a/examples/client/client.go b/examples/client/client.go
index 31e24b2..e499172 100644
--- a/examples/client/client.go
+++ b/examples/client/client.go
@@ -15,6 +15,7 @@ import (
 
 var (
 client = &gemini.Client{
+ KnownHosts: gemini.LoadKnownHosts(),
 TrustCertificate: func(cert *x509.Certificate, knownHosts *gemini.KnownHosts) error {
 // Trust all certificates
 return nil
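Review bot: The added `KnownHosts: gemini.LoadKnownHosts(),` uses the call as a single value inside the struct literal, while the README hunk in this same patch calls it as `knownHosts, err := gemini.LoadKnownHosts()`; if the function does return an error as well, this line will not compile and the load failure has nowhere to be handled. Loading the list before the client is used, checking `err`, and then assigning `client.KnownHosts = knownHosts` would match the README. Separately, the callback right below the new field still returns nil for every certificate, so the loaded known hosts list is never consulted and the example performs no Trust On First Use check at all; `return knownHosts.Lookup(cert)`, as the README shows, would make the list effective. The `var` block and the callback both continue outside the hunk, so the rest of the callback body is not visible here.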